ECS

Cyber Defense Forensics Analysts - Mid

Job Description
ECS is seeking a Cyber Defense Forensics Analysts - Mid to work in our Washington, DC office.

Position Summary
ECS Federal is a leading information security and information technology company in Washington, DC. We are looking to hire a mid-level Cyber Defense Forensics Analyst to support a full range of cyber security services on a long-term contract in Washington, DC. The position is full time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.

Security Clearance Requirement
Active Secret clearance

Job Requirements
Strong written and verbal communication skills.
Create detections and automation to detect, contain, eradicate, and recover from security threats.
Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques.
Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTPs (Tactics, Techniques, and Procedures).
Conduct proactive hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities.
Solid knowledge of TCP/IP networking and network services such as DNS, SMTP, DHCP, etc.
Understanding of attacker tradecraft related to email, app-based, and cloud threats, and of defensive tactics.
Good knowledge of operating system internals, OS security mitigations, and security challenges in Windows, Linux, Mac, Android, and iOS platforms.
Experience with forensic tools (e.g., EnCase, Sleuthkit, FTK).
Ability to analyze malicious code (malware forensics).
Skill in analyzing code as malicious or benign.
Knowledge of system and application security threats and vulnerabilities.
Apply threat hunting and the MITRE ATT&CK framework to identify and develop detection capabilities.

Certifications/Licenses
Bachelor’s degree or higher.
5+ years’ experience in cyber threat hunting and forensics support for incident response.
Active Secret clearance or higher.

Salary Range
$102,600 - $117,500

Responsibilities
Identify threat tactics and methodologies using frameworks like MITRE ATT&CK.
Perform hypothesis-based or intelligence-based cyber threat hunts.
Use cloud-native techniques for threat detection and response.
Research intelligence reports for actionable data.
Analyze large datasets to uncover attack techniques.
Investigate and analyze intrusion artifacts.
Create forensic images and maintain chain of custody.
Report findings and ensure evidence integrity.
Extract data using forensic techniques.

Desired Skills
Exposure to Python, PowerShell, or bash.
Proficiency with SIEM query languages (Splunk, Sentinel).
Experience producing threat intelligence reports.
Ability to analyze memory dumps and media forensics.

ECS is an equal opportunity employer and does not discriminate on any protected characteristic.