Veteran Firm Seeking a Digital Forensic Incident Response (DFIR) Senior Analyst for an Onsite Assignment in Washington, DC
My name is Stephen Hrutka. I lead a Veteran-owned consulting firm in Washington, DC, focused on strategic sourcing, supply chain management, and IT Staffing.
We want to fill a Senior-Level Digital Forensic Incident Response (DFIR) Analyst role for one of our newest clients. This cyber intelligence-driven firm primarily assists the Federal Civilian, DoD, and U.S. Intelligence Communities.
The ideal candidate has an active Top-Secret Clearance (eligibility to obtain SCI and pass CI poly), a Bachelor's degree, and 5+ years of experience with crisis management, incident response, strategic communications, or risk management.
If you’re interested, I'll gladly provide more details about the role and further discuss your qualifications.
Thanks,
Stephen M Hrutka
Principal Consultant
Executive Summary: HRUCKUS seeks a Senior-Level Digital Forensic Incident Response (DFIR) Analyst to support our client in Washington, DC.
Position Description: The DFIR Senior Analyst is responsible for preventing the escalation of severe security threats and providing reports to the security team. This position utilizes tools to minimize the effects of a security breach on the computer network and performs an analysis to ensure that computer networks are clear of threats.
Roles and Responsibilities:
- Conduct a full range of advanced professional duties required to monitor network activity, document and report on information security issues and emerging trends
- Provide threat and vulnerability analysis
- Monitor endpoint protection/detection for anomalies using designated escalation paths for remediation
- Review and monitor Security Information and Event Management (SIEM) log data for unauthorized access and initiate investigations if necessary
- Perform malware threat hunting using industry-leading products and applications
- Participate in developing security strategies
In addition, the DFIR Analyst shall:
- Perform against established operational rhythm, expectations, and standards for the Security Operations Center (SOC) DFIR line of effort
- Be part of the 24x7 operations
- Perform advanced incident-handling responsibilities directly with the client’s management team
- Identify areas of improvement for SOC processes and tools to enhance the mission
Basic Qualifications:
- MUST BE A US CITIZEN
- Bachelor's degree
- TS clearance (eligibility to obtain SCI and pass CI poly)
- 5+ years of experience with crisis management, incident response, strategic communications, or risk management
- 5+ years of experience in supporting the facilitation of training or briefing sessions
- Adept knowledge of cybersecurity and incident response principles, crisis management, and emergency management principles
- Ability to leverage available learning resources, both internal and external
- Experience with advanced Microsoft Office products
- Ability to work within a highly collaborative, fast-paced, dynamic environment
- Possession of excellent verbal and written communication skills
- Possession of excellent interpersonal skills, including client management skills
- Strong IR and Digital forensics experience and cloud experience are preferred
Additional Qualifications:
The ideal candidate will have experience with four or more of the items below:
- Splunk Search Processing Language (SPL)
- Microsoft Defender for Endpoint (MDE)
- Microsoft Azure Sentinel
- Kusto Query Language (KQL)
- Linux Bash
- PowerShell/CMD
- Networking - intermediate level knowledge of computer networking
- Type 2 Hypervisor software such as VMware Workstation Pro, VirtualBox, Hyper-V
- Comfortable using various distributions of Linux
Salary Information: The maximum salary is $170,000 annually
Location and Work Set-Up: 100% Onsite role in Washington, DC