Davidson Technologies, Inc. is an Equal Opportunity Employer (M/F/D/V).


2017-1744-RP: Cyber Forensics Specialist, Eng. IV (20042) - Colorado Springs, CO & Huntsville, AL
Location: AL, Huntsville
Schedule: Full Time
Company: Davidson Technologies, Inc.
  
Job Responsibilities
As a Cyber Forensics Specialist, the candidate will conduct cyberspace defense, intrusion detection, cyber incident response, and digital forensic analysis. He/She will have the following duties:
  • Collect and preserve potential evidence by analyzing content of compromised network and endpoint systems
  • Examine compromised computers, servers, network devices, and networks
  • Document relevant findings, identifying the tactics, techniques, and procedures used by an attacker
  • Support mitigation and remediation activities to isolate threats and bring systems back into operation
  • Support Defensive Cyberspace Operations (DCO) surveillance and incident response on Missile Defense Agency's (MDA) networks
  • Analyze security event audit logs from network security devices for anomalies and known attack patterns
  • Conduct incident handling/triage, network analysis, and threat detection
  • Communicate accurate information about an incident's cause & impact and determine the value and applicability of information received through incident reporting
  • Review data originating from ongoing intrusions or cybersecurity incidents and document the findings of activities involved
  • Coordinate to analyze vulnerabilities with known exploits that do not have vendor-provided mitigation or remediation action
  • Respond to cybersecurity incidents by reporting all pertinent information in local incident reporting database and DoD incident management system
  • Employ excellent technical writing skills to accomplish required forensic and incident reporting to meet government requirements
  • Develop and present cyber threat briefings, presentations, and white papers to MDA leadership to ensure situational awareness and status
  • Support the development of DCO Detect/Respond procedures, standard operating procedures, desktop procedures, manuals, and other DCO documentation

Qualifications
Requirements:
  • Master of Cybersecurity or related technical field with a minimum of ten (10) years' relevant experience (acceptable alternative education/experience: Doctorate/4, Bachelor/15)
  • A minimum of five (5) years' experience as a network forensic analyst or related functional area
  • A minimum of ten (10) years' experience in related IT networking field, i.e., servers, routers, firewalls
  • Current DoD 8570 IAT Level III with continuing education (CE)
  • Must possess, obtain within 60 days of selection, and maintain a DoD 8570 CND-SP certification (GCIA, GCIH, GCFE or CEH)
  • Proficiency with forensic practices, procedures, and evidence handling
  • Proficiency in conducting live analysis on hosts, networks, and multiple platforms
  • Experience with security analysis and solutions in a WAN/LAN environment
  • Demonstrated knowledge of all operating systems, information systems security, network architectures, general database concepts, document management, hardware/software components, electronic mail systems, and the computer forensic tool EnCase
  • Must be a proficient oral and written communicator
  • Experience with the government network and system security policies and procedures (e.g., CJCSM 6501B)
  • Ability to work in an operational environment, which may require extended hours with no notice on evenings, nights, holidays, and weekends
  • Ability to travel

Desired Competencies/Experience/Certifications:
  • Top secret clearance with SCI eligibility
  • Experience correlating security events across a WAN using SIEM tools, with ArcSight preferred
  • Experience with CND tools/applications such as Network Security Manager, Bluecoat, Barracuda, FireEye, SNORT, NetScout, and WildFire
  • Forensics certification

Clearance:
  • Must possess a secret security clearance with the additional ability to obtain a top secret clearance with SCI eligibility