- Washington, DC, USA
- Full Time
Defense Point Security is currently seeking a qualified candidate to fill the role of Incident Response Analyst. This position requires previous experience performing incident response duties, along with prior forensic analysis experience. The primary job function involves being the first responder for cyber-security incidents identified through security event management tools and confirming the validity of identified incidents. As an Incident Response Analyst, the candidate will work with enterprise forensic-capable systems, log analysis systems, and network collection systems to respond to incidents on a large-scale enterprise network.
All applying candidates must be willing to work with customers, peers, and other support teams in support of ongoing cyber security investigations and incident response duties. The ideal candidate should be able to multitask and give equal attention to a variety of functions while under pressure. As a requirement, the candidate must stay up-to-date with current vulnerabilities, attacks, and countermeasures. All candidates are expected to understand the network, including both hardware and software configurations, so as to expedite investigations and identify what systems may have been affected. Additionally, the candidate must be able to differentiate false positives from true intrusion attempts while monitoring alerts and events using monitoring tools, providing day-to-day security reports, and performing IR ticket handling. Furthermore, candidates must support the incident response teams by providing correlation analysis, trending, and metrics of all security events on the network.
- CISSP, EnCE, and/or GIAC certifications highly preferred
- Must have a thorough understanding of general network and cyber security practices and concepts
- The candidate must have knowledge of security threats (including Web, mobile and desktop applications), vulnerabilities and controls, and be able to assess their applicability to the network infrastructure.
- 2+ years of experience working on a computer security incident response team
- 1+ years of experience with, and in-depth knowledge of, live forensics using enterprise forensics tools such as EnCase Enterprise or Mandiant Intelligent Response
- Strong analytical, documentation, and communication skills
- Experiential understanding of standard forensic methodologies, including the use of memory analysis
- Strong understanding of basic Windows registry, NTFS, malicious documents (Microsoft Office, PDF, etc.), memory, prefetch and Windows event log analysis
- Proficient skills in malware analysis for Windows based malware
- Knowledgeable in forensics software like EnCase, AccessData or similar
- Understanding of network traffic analysis
- Experience with enterprise information security data management tools such as ArcSight or Splunk is helpful
- Familiarity with Windows, Apple, and Linux based operating systems (i.e. XP, Windows 7, 2003, 2008, OS X)
- Must demonstrate experience working on projects, designing process solutions, and directly interacting with customers.
- Proven experience documenting systems configurations, processes and procedures
- Knowledge of key technologies including but not limited to: access controls, authentication, IDS/IPS network defense & monitoring, firewalls, privilege management, routers, secure network architecture, sniffer technologies, switches, TCP/IP, VPNs, etc.
- Candidate must possess excellent written communication skills and the proven ability to present complex, technical information to both technical and non-technical audiences.
- Ability to communicate with and understand the needs of large government or corporate enterprise environments.
- Excellent leadership, teamwork, and collaboration skills.
- Results oriented, self-motivated, self-directed, and hard working
Experience: A Bachelor's Degree in a related field along with 3–5 years of experience in Information Security
Job Location: Washington, DC
Position Type: Full-Time/Regular
Security Requirement: CBP Full BI, DHS EOD, or DoD TS preferred.
All candidates must be clearable.
Defense Point Security is an IT Security Consulting firm specializing in government-focused security solutions. Our goal is to provide expert IT security services to our clients while cultivating information security knowledge among all employees for the advancement of cyber security. Defense Point Security offers a competitive employment package including medical, vision, and dental insurance (among others).
Defense Point Security offers a competitive benefits package to include:
- Competitive Salary
- Health, Dental, Vision Insurance Premiums are 100% paid by DPS for employee and eligible dependents
- Personal Accident Insurance paid by DPS
- Life Insurance paid by DPS
- Short Term Disability Insurance paid by DPS
- Long Term Disability paid by DPS
- 401k Contribution Matching - 100% up to 3%, 50% up to 5%
- 401k is 100% fully vested after 90 days
- Paid time off starting at 3 weeks a year (15 days)
- 10 paid Federal Holidays
- Up to $100 per month reimbursed for cell phone
- Up to $50 per month reimbursed for home internet
- Up to $200 every 2 years for a cell phone upgrade
- 24x7 access to office gym and locker rooms
- Reimbursement for qualifying educational and training expenses
- Rewards for obtaining new IT certifications
- Computer-based training (CBT) library on IT and information security topics and certifications
- Remote access to a virtual lab for testing/learning opportunities
- Flexible / Alternative Work Schedules