Cyber Eviction Analyst

Cyber Eviction Analysts

Our partner provides support for on and offsite incident response to government agencies and critical infrastructure owners who experience cyber-attacks. They provide advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation, using host and network-based cybersecurity analysis capabilities. Personnel perform investigations to characterize the level of severity of breaches and develop mitigation/remediation plans. They are seeking Cyber Eviction Analysts to support this critical customer mission.

Responsibilities

• Serve as hunt and incident response subject matter expert (SME), applying in-depth knowledge on threat actor (TA) tools, techniques, and procedures (TTPs)
• Distill analytic findings into executive summaries and in-depth technical reports
• Provide expert support, analysis, and research with only broad direction into exceptionally complex problems and processes relating to the subject matter as it relates to hunt and incident response activities
• Serve as technical expert on high-level incident response teams providing technical direction, interpretation, and alternatives
• Exercise considerable latitude in determining technical objectives of an assignment or task at hand
• Independently develop technical solutions to complex problems that require the regular use of ingenuity and creativity
• Analyze incident data and victim environments to recommend targeted mitigations
• Advise technical personnel on countermeasure implementation and customization
• Support internal stakeholders on containment and eradication missions
• Document analysis in a standardized knowledgebase for sharing and publication
• Assist in maintaining branch process and procedure documentation
• Guide the completion of hunt and incident response activities

Requirements

• U.S. Citizenship
• Active TS/SCI Clearance
• Must be able to obtain DHS Suitability
• BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 10+ years of technical experience in the area of expertise
• 8+ years of directly relevant experience in the area of expertise
• Must be able to travel domestically on short notice
• Strong understanding of network architecture/security
• Experience performing cyber incident response
• Ability to think independently
• Demonstrates superior written and oral communication skills
• Must be able to work collaboratively across physical locations
• Skilled in identifying different classes of attacks and attack stages
• Understanding of system and application security threats and vulnerabilities
• Understanding of proactive analysis of systems and networks, to include creating trust levels of critical resources
• Proficiency with common operating systems (e.g., Linux/Unix, Windows)

Desired Skills

• Experience leading and mentoring technical teams
• Knowledge of Computer Network Defense policies, procedures and regulations
• Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return- oriented attacks, and malicious code)
• Network and System administration experience
• Strong understanding of adversarial tactics/techniques/procedures (TTPs)
• Experience with Identity and Access Management (IAM) tools
• Ability to review and analyze Enterprise Architecture (EA) from a security perspective
• Understanding of cyber defense-in-depth principles
• Hands-on skill in host/network intrusion detection
• Ability to perform event correlation
• Experience with malicious activity analysis
• Ability to collaborate with stakeholders at multiple levels within an organization

Desired Certifications (one or more)

• DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst
• DoD 8140.01 GCIA, GCIH, CSSP Analyst/CSSP Incident Responder
• DoD 8140.01 CEH, CSSP Analyst
• SANS GIAC GNFA preferred
• SANS GRID, GICSP, or GCIP a plus

For more than 20 years, NewGen Technologies has solved our clients' toughest IT challenges with integrity, security, and outstanding service by delivering both technology and talent. We have helped secure borders, have used artificial intelligence (AI) to fight terror, aided the identification of criminals, and have helped to prevent crime through the introduction of biometrics. Our team of Highly Cleared Specialists have hard-to-find skills and expertise in a wide spectrum of technologies to provide solutions that transform business processes and solve problems of national significance.