Job Description

Cyber Incident Response & Digital Forensics Lead 
Washington, DC - ONSITE
Clearance: Must possess active Top Secret security clearance
Salary: Up to $175K

ALTA IT Services is seeking a highly skilled and knowledgeable Cyber Incident Response & Digital Forensics Lead who will lead a team of incident responders and forensic analysts. This position is located on customer site in Washington, D.C.

Responsibilities include but are not limited to:
•    Assist in analyzing alerts, identifying true positives, and prioritizing incidents and incident response based on severity and impact.
•    Leading the analysis and identification of mobile threats, including malware, vulnerabilities, and other malicious activities targeting mobile devices and applications.
•    Working with the SOC/watch floor to develop and refine incident response plans and SOPs.
•    Gathering and analyzing extensive datasets to bridge informational gaps associated with cyber-attacks. This involves identifying perpetrators, understanding their intrusion methods, and meticulously documenting the precise sequence of actions that compromise system integrity.
•    Gathering evidence, analyzing artifacts, and reconstructing events to understand the scope and impact of incidents, determine how the compromise occurred, and identify root causes.
•    Conducting forensic analysis on systems and networks to determine the scope and impact of security incidents.
•    Conducting regular joint training exercises and tabletop simulations help strengthen coordination between teams and ensure compliance with security policies.
•    Conducting advanced malware analyses; devising and executing targeted threat mitigation strategies tailored to program and customer needs.
•    Analyzing threat intelligence feeds, indicators of compromise (IOCs), and TTPs to identify and conduct incident response to emerging threats.
•    Responsible for preserving and presenting evidence for legal proceedings.

Basic Qualifications:
•    Bachelor’s degree, preferably in IT, cybersecurity, or related discipline.
•    12+ years of IT experience with 8+ years of cyber incident response experience.
•    2+ years experience leading a team of incident responders.
•    2+ years of experience with digital forensics,
•    Must possess GIAC Certified Incident Handler (GCIH) certification.
•    3+ years of hands-on Splunk experience.
•    Proficient understanding of mobile operating systems architecture (such as Android, iOS), including the security features and limitations of each platform, as well as proficient understanding of mobile application security, network protocols, and the potential exploitation vectors associated with mobile devices.
•    Advanced knowledge of Windows, Linux, and macOS, enabling effective analysis and response across diverse technical environments

Preferred Qualifications:
Experience using the Axiom Forensics Suite.
Desirable certifications: GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensic Analyst (GNFA).
Other preferred certifications: GIAC Continuous Monitoring Certification (GMON), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Cloud Threat Detection (GCTD), GIAC Cloud Forensics Responder (GCFR), GIAC Advanced Smartphone Forensics Certification (GASF), GIAC Mobile Device Security Analyst (GMOB).

#M2

Ref: #850-Rockville (ALTA IT)

System One, and its subsidiaries including Joulé, ALTA IT Services, TeamPeople, and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.

System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.

Job Tags

Contract work, Local area,

Similar Jobs