Cyber Defense Research and Forensics Analyst - TS Clearance

Department:HHS

Location:Atlanta, GA

Text code CDRFA to 202-915-6712 to apply!

MindPoint Group delivers industry-leading cybersecurity solutions, services, and products. We are trusted cybersecurity advisors to key government and commercial decision-makers and support security operations for some of the most security-conscious organizations globally.

Our relationship with you is for the long run because your success is our success. We invest in your success through fantastic benefits (healthcare, generous PTO, paid parental leave, and tuition reimbursement, to name a few).

Beyond just excellent pay and benefits, you-ll want to work here for reasons that can-t be written into an offer letter-the challenge, growth opportunities, and most important: the culture of a company that cares about you.

A position at MPG promises you

• A diverse organization

• A safe workplace with zero tolerance for discrimination or harassment of any kind

• A balanced work life. Seriously.

• A stable, established, and growing business

• A leadership team focused on your professional growth and development

Job Description

Mindpoint Group, LLC has an exciting opportunity to join the Research and Forensics team of one of our clients in the Atlanta, Georgia area. This position is critical to the continued maturation of the clients operational capabilities and you will join an established and experienced group that is motivated to provide excellent services in defending federal infrastructure. You will work closely with other research and forensics analysts, threat hunters, threat analysts an established SOC and we will rely on you to examine recovered data and to perform forensics analysis.

What you get to do every day:

• Decrypt seized data using technical means

• Provide a technical summary of findings in accordance with established reporting procedures

• Ensure that chain of custody is followed for all digital media acquired in accordance with the Federal Rules of Evidence

• Identify digital evidence for examination and analysis in such a way as to avoid unintentional alteration

• Perform dynamic analysis to boot an -image- of a drive to see the intrusion as the user may have seen it in a native environment

• Perform static analysis to mount an "image" of a drive (without necessarily having the original drive)

• Perform file signature analysis and hash comparison against the established database

• Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)

• Perform tier 1, 2, and 3 malware analysis

• Extract data using data carving techniques (e.g., Forensic Tool Kit [FTK])

• Capture and analyze network traffic associated with malicious activities using network monitoring tools

• Utilize deployable forensics toolkits to support operations as necessary

• Perform Windows registry and file analysis

• Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.

Qualifications

Top Secret Clearance required

What skills are required?

• Bachelor-s Degree in CS-related field preferred. Experience may be considered in lieu of a degree - 4-7 years of experience in digital forensics, incident response, and threat hunt activities - Demonstrated competency in forensic tools like Encase and Wireshark - Core Competencies in computer forensics, computer networking and operating systems. - Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses - Understanding of scripting languages such as Python and regular expressions - Knowledge of Windows and Linux OS- and command lines

What is ideal?

• Certifications Desired:

• CISSP - Certified Information Systems Security Professional

• GCFA - GIAC Certified Forensic Analyst

• GCFE - GIAC Certified Forensic Examiner

• GREM - GIAC Reverse Engineering Malware

• GNFA - GIAC Network Forensic Analyst

Location:

• This position is initially fully remote. As COVID conditions change, it is expected to switch to a hybrid model in Atlanta, GA.

Additional Information

• All offers are contingent upon proof of full vaccination against COVID-19 or successful accommodation for an exemption.

• All your information will be kept confidential according to EEO guidelines.

• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, maternity/paternity leave, mobile phone stipend, pre-tax commuter benefits, the opportunity to participate in our mentorship program, and more!

• MindPoint is committed to maintaining a diverse environment. All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.

Text code CDRFA to 202-915-6712 to apply!