Logo
ARGO Cyber Systems, LLC

Host Based Cyber Systems Analyst III

ARGO Cyber Systems, LLC, Pensacola, Florida, United States, 32573


The DHS's Hunt and Incident Response Team (HIRT) secures the Nation's cyber and communications infrastructure.

HIRT provides DHS's front line response for cyber incidents and proactively hunts for malicious cyber activity.

Argo Cyber Systems is a key partner to DHS, performing HIRT investigations to develop a preliminary diagnosis of the severity of breaches.

Argo provides HIRT remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. Contract personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunt for malicious cyber activity. Raytheon Technologies Intelligence & Space (RIS) is seeking Host Forensics Analysts to support this critical customer mission.

Responsibilities:

Assisting Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating artifact collection operations.

Providing technical assistance on digital artifacts collection/triage matters and forensic investigative techniques to appropriate personnel when necessary.

Writing in-depth reports, supporting peer reviews, and providing quality assurance reviews for junior personnel.

Supporting forensic analysis and mentoring/providing guidance to others on data collection, analysis, and reporting in support of onsite engagements.

Assisting with leading and coordinating forensic teams in preliminary investigations.

Planning, coordinating, and directing the inventory, examination, and comprehensive technical analysis of computer-related evidence.

Distilling analytic findings into executive summaries and in-depth technical reports.

Serving as technical forensics liaison to stakeholders and explaining investigation details, including forensic methodologies and protocols.

Tracking and documenting on-site incident response activities and providing updates to leadership throughout the engagement.

Evaluating, extracting, and analyzing suspected malicious code, characterizing and analyzing artifacts to identify anomalous activity and potential threats to resources.

Performing event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.

Analyzing identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on systems and information.

Required Skills:

U.S. Citizenship.

Must have an active TS/SCI clearance.

Must be able to obtain DHS Suitability.

8+ years of directly relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools.

Ability to create forensically sound duplicates of evidence (forensic images).

Able to write cyber investigative reports documenting digital forensics findings.

Experience with the analysis and characterization of cyber attacks.

Skilled in identifying different classes of attacks and attack stages.

Knowledge of system and application security threats and vulnerabilities.

Knowledgeable in proactive analysis of systems and networks, including creating trust levels of critical resources.

Must be able to work collaboratively across physical locations.

Desired Skills:

Experience with or knowledge of two or more of the following tools:

EnCase

FTK

SIFT

X-Ways

Volatility

WireShark

Sleuth Kit/Autopsy

Splunk

Snort

Other EDR Tools (Crowdstrike, Carbon Black, Etc.)

Proficiency with conducting all-source research.

Required Education:BS in Computer Science, Cybersecurity, Computer Engineering, or related degree and 5-7 years; or HS Diploma and 7-9 years of host or digital forensics experience.

Desired Certifications:GCFA, GCFE, EnCE, CCE, CFCE, CISSP.

#J-18808-Ljbffr