Senior Forensic Incident Response Security Analyst

Location: Alexandria, VA
Date Posted: 04-12-2018
!!! Must be U.S. Citizen or Green Card holder and must be able to obtain a Public Trust clearance!!!
The Incident Response Security Analyst will be responsible for evolving, executing, and maintaining the incident management program for a federal agency to ensure rapid detection and response to all information security incidents in accordance with FISMA, OMB, and NIST at a minimum.
The Incident Response Security Analyst will work directly with the agency’s CSIRT Response Manager and CISO providing support to assist the Agency in the maturation of their Information Security Program. The position will be responsible for managing a team of functional and technical security professionals. This person will work closely with senior management, other team members, and operation teams to ensure security best practices are implemented across the agency.
  • Perform forensic analysis of electronic data sources (workstations, laptops, servers, mobile devices, etc.) in response to cyber incidents.
  • Investigate network intrusions to determine the cause and extent of the breach.
  • Preserve, harvest, and process electronic data according to the relevant policies and practices.
  • Research and maintain proficiency in tools, techniques, countermeasures, and trends in data hiding and network security and encryption.
  • Experience with forensic techniques/toolsets (e.g., EnCase Enterprise, EnCase eDiscovery, Tableau Write blockers and Imagers, FTK suite, etc.)
  • Lead a team providing a 24X7 incident management capability with primary emphasis on detection and response coordination and reporting leveraging the client’s existing and future managed network and security operations managed services.
  • Evolve, execute and maintain the agency’s Information Security Architecture to ensure the minimization of time between detection and response by establishing a defense in depth architecture with an emphasis on the proactive side of the “kill chain”.
  • The contractor shall evolve, execute and maintain the Agency unclassified Insider Threat program by developing, executing and maintaining Threat and Protection Profiles for identified insider threat thus ensuring the effectiveness of the program.
  • Provide expertise and advice on Incident Management best practices across the public and private sectors
  • Report on and communicate the status of Incident Management initiatives to agency upper management
  • 4 year college degree; minimum 5 years work experience supporting an IT department of a public or private entity
  • NCUA requires Public Trust.
  • Ability to hold a Secret Clearance
  • Must be a US Citizen
  • Subject Matter Expert in Incident Management
  • Prior experience communicating the status of Incident Management Program areas to agency upper management government officials.
  • Ability to maintain a strong awareness of local, national and international trends and developments in the area of security.
  • Strong project management, technical writing, and communication skills required
  • Candidates have hands-on experience with 3 out of 8 cybersecurity tools such as:
    • Fortinet (MTIPS)**
    • Nessus (scanning)**
    • IPSonar**
    • Trend Micro*
    • FireEye*
    • EnCase EndPoint*
    • Barracuda
    • SolarWinds
  • Candidates must be familiar with cybersecurity tools such as:
    • FireEye
    • Trend Micro
    • Security Center (NESSUS)
    • IPSonar
    • PhishMe
    • Barracuda email
    • Palo Alto
  • Candidates should also have the following experience:
    • IDS/IPS experience
    • Incident response
    • Watch floor experience
    • EnCase
  • Must obtain an NCUA Public Trust.
  • It will be helpful if the candidate has clearance from other Federal Agencies.
  • NCUA is big on Credit History and NO Criminal history.
  • Secret and Top Secret is a plus but NOT required.
If you are interested in getting more information about this opportunity, please contact Irina Rozenberg at your earliest convenience.

At Ariel Partners, we solve the most difficult problems that inhibit technology from enabling our customers to achieve their goals. Our vision is to be recognized by our stakeholders as an elite provider of IT solutions, so when they have their biggest challenges we’re on their short list. We’re looking for team members who share our values of: Integrity to do the right thing even when it hurts; Commitment to the long-term success and happiness of our customers, our people, and our partners; Courage to take on difficult challenges, accept new ideas, and accept incremental failure; and the constant pursuit of Excellence.

Ariel Partners is an Equal Opportunity Employer in accordance with federal, state, and local laws.
