ProSync

Host Based Systems Analyst - II (HIRT)

ID
2020-3560
# of Openings
5
Category
Security Engineer
Clearance Level
TS/SCI with Polygraph
Location
US-VA-Arlington
Posted
9/17/2020

Overview

ProSync Technology is a leader in the Intelligence Community built on a community of talented and committed individuals. With a heritage built on supporting National Security and telecommunications industry we deliver solutions in Hardware Engineering, Intelligence Analysis, Cyber Defense, Research and Software Development. If you are ready for a new and exciting career we invite you to apply to be a part of our team, ProSync, Professionals In-Sync.

 

ProSync is currently looking for a Host Based Systems Analyst - II to join our team!

Responsibilities

  • Assists in preliminary analysis by tracing an activity to its source and documenting findings for input
    into a forensic report
  • Documents original condition of digital and/or associated evidence by taking photographs and
    collecting hash information
  • Assists team members in imaging digital media
  • Assists in gathering, accessing and assessing evidence from electronic devices using forensic tools
    and knowledge of operating systems
  • Uses hashing algorithms to validate forensic images
  • Works with mentor to identify and understand adversary TTPs
  • Assists team members in analyzing the behaviors of malicious software
  • Under direct guidance and coaching, locates critical items in various file systems to aid more senior
    personnel in their analysis
  • Perform analysis of log files from a variety of sources to identify possible threats to computer security
  • Acquires/collects computer artifacts (e.g., malware, user activity, link files, etc.) from systems in
    support of onsite engagements
  • Assesses evidentiary value by triaging electronic devices
  • Correlates forensic findings with network events to further develop an intrusion narrative
  • When available, collects and documents system state information (running processes, network
    connections, etc.) prior to imaging
  • Performs incident triage from a forensic perspective to include determination of scope, urgency and
    potential impact.
  • Tracks and documents forensic analysis from initial involvement through final resolution
  • Collects, processes, preserves, analyzes and presents computer related evidence
  • Coordinates with others within the Government and with customer personnel to validate/investigate
    alerts or other preliminary findings
  • Conducts analysis of forensic images and other available evidence and drafts forensic write-ups for
    inclusion in reports and other written products
  • Assists to document and publish Computer Network Defense guidance and reports on incident
    findings to appropriate constituencies

Qualifications

Requires a Bachelors degree in a technical discipline from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline and four (4) years of host-based investigations or digital forensics experience

 

OR

 

A High School Diploma with six (6) years of experience on programs of a similar scope and nature with experience in host-based investigations and/or digital forensics.

 

  • Uses leading edge technology and industry standard forensic tools and procedures to provide insight
    into the cause and effect of suspected cyber intrusions
  • Follows proper evidence handling procedures and chain of custody protocols
  • Produces written reports documenting digital forensic findings
  • Determines programs that have been executed, finds files that have been changed on disk and in
    memory
  • Uses timestamps and logs (host and network) to develop authoritative timelines of activity
  • Finds evidence of deleted files and hidden data
  • Identifies and documents case relevant file-system artifacts (browser histories, account usage and
    USB histories, etc.)
  • Creates forensically sound duplicates of evidence (forensic image) to use for data recovery and
    analysis
  • Performs all-source research for similar or related network events or incidents
  • Skill in identifying different classes of attacks and attack stages
  • Knowledge of system and application security threats and vulnerabilities
  • Knowledge in proactive analysis of systems and networks, to include creating trust levels of critical
    resources

Clearance Requirement

  • U.S. Citizenship and Top Secret security clearance

ProSync Technology

ProSync's executive team creates and expands business opportunities, recruits talented and intelligent technology professionals, and fosters a company culture that empowers ProSync professionals to shape and mold the direction of their careers and the direction of ProSync. Employees of ProSync Technology Group, LLC and applicants for employment shall be afforded equal opportunity in all aspects of employment without regard to race, color, religion, political affiliation, national origin, disability, sex, age, or marital status.

   

Email Staffing@prosync.com for more specifics regarding the position.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed