Quadrant, Inc.
Overview
Forensics/Malware Analyst — Washington, DC
Pay From: $55.00 per hour
Must
Experienced Forensics/Malware Analyst
Must have one of the following certifications: GCIA, GCIH, GMON, GDAT, Splunk Core Power User
Priority if you have one of the following certs: SANS, GCFA cert, EnCase Certified Examiner cert or Volatility
5 years of experience performing incident response activities for cloud-based and non-cloud-based environments, such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler
5 years of experience analyzing forensic artifacts, performing filesystem timeline analyses, and identifying intrusion root causes of operating systems (e.g., Windows, Linux, and macOS)
5 years of experience collecting and analyzing data from compromised systems using EDR agents (e.g., CrowdStrike) and custom scripts
5 years of experience utilizing the following forensics tools:
Splunk to perform live forensic analysis
Magnet AXIOM to acquire, analyze, and report on digital evidence
Volatility framework to analyze volatile memory (RAM) dumps
Must have ability to perform required forensics/malware analyst duties, including:
Create duplicates of evidence that ensure the original evidence is not unintentionally modified
Extracting deleted data using data carving techniques
Performing static and dynamic malware analysis to discover indicators of compromise (IOCs)
Bachelors degree preferred
DUTIES
Provides digital forensics and incident response support to the Security Operations Center (SOC).
Collects, analyzes, and evaluates forensic artifacts associated with threat activity against Judiciary networks.
Produces forensics reports to assist the SOC and the Courts in understanding the nature and impact of cyber incidents and in prioritizing risk mitigation across the Judicial Branch of Government.
Accepts and responds to government technical requests through AOUSC ITSM tickets (e.g., HEAT or Service Now) for advanced SME technical investigative support for real-time incident response (IR).
IR includes cloud-based and non-cloud-based applications such as Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Cloud Access Security Brokers (e.g., Zscaler).
Create duplicates of evidence that ensure the original evidence is not unintentionally modified. Use AOUSC supplied procedures and tools to acquire the evidence.
Analyze forensic artifacts of operating systems (Windows, Linux, macOS) to discover intrusion elements and identify root cause.
Perform live forensic analysis based on SIEM data (e.g., Splunk).
Perform filesystem timeline analysis for inclusion in forensic reports.
Extract deleted data using data carving techniques.
Collect and analyze data from compromised systems using EDR agents and custom scripts provided by AOUSC.
Perform static and dynamic malware analysis to discover indicators of compromise (IOC).
Analyze memory images to identify malicious patterns using Judiciary tools (e.g., Volatility). Document analysis results in forensics reports.
Additional forensics/malware analysis activities may include: identify and communicate cybersecurity threats and risks with clarity; reduce adversary dwell time within judicial networks; analyze security incidents for root cause and improvement opportunities.
Quadrant is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, status as a protected veteran, or status as an individual with a disability.
#J-18808-Ljbffr
Pay From: $55.00 per hour
Must
Experienced Forensics/Malware Analyst
Must have one of the following certifications: GCIA, GCIH, GMON, GDAT, Splunk Core Power User
Priority if you have one of the following certs: SANS, GCFA cert, EnCase Certified Examiner cert or Volatility
5 years of experience performing incident response activities for cloud-based and non-cloud-based environments, such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler
5 years of experience analyzing forensic artifacts, performing filesystem timeline analyses, and identifying intrusion root causes of operating systems (e.g., Windows, Linux, and macOS)
5 years of experience collecting and analyzing data from compromised systems using EDR agents (e.g., CrowdStrike) and custom scripts
5 years of experience utilizing the following forensics tools:
Splunk to perform live forensic analysis
Magnet AXIOM to acquire, analyze, and report on digital evidence
Volatility framework to analyze volatile memory (RAM) dumps
Must have ability to perform required forensics/malware analyst duties, including:
Create duplicates of evidence that ensure the original evidence is not unintentionally modified
Extracting deleted data using data carving techniques
Performing static and dynamic malware analysis to discover indicators of compromise (IOCs)
Bachelors degree preferred
DUTIES
Provides digital forensics and incident response support to the Security Operations Center (SOC).
Collects, analyzes, and evaluates forensic artifacts associated with threat activity against Judiciary networks.
Produces forensics reports to assist the SOC and the Courts in understanding the nature and impact of cyber incidents and in prioritizing risk mitigation across the Judicial Branch of Government.
Accepts and responds to government technical requests through AOUSC ITSM tickets (e.g., HEAT or Service Now) for advanced SME technical investigative support for real-time incident response (IR).
IR includes cloud-based and non-cloud-based applications such as Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Cloud Access Security Brokers (e.g., Zscaler).
Create duplicates of evidence that ensure the original evidence is not unintentionally modified. Use AOUSC supplied procedures and tools to acquire the evidence.
Analyze forensic artifacts of operating systems (Windows, Linux, macOS) to discover intrusion elements and identify root cause.
Perform live forensic analysis based on SIEM data (e.g., Splunk).
Perform filesystem timeline analysis for inclusion in forensic reports.
Extract deleted data using data carving techniques.
Collect and analyze data from compromised systems using EDR agents and custom scripts provided by AOUSC.
Perform static and dynamic malware analysis to discover indicators of compromise (IOC).
Analyze memory images to identify malicious patterns using Judiciary tools (e.g., Volatility). Document analysis results in forensics reports.
Additional forensics/malware analysis activities may include: identify and communicate cybersecurity threats and risks with clarity; reduce adversary dwell time within judicial networks; analyze security incidents for root cause and improvement opportunities.
Quadrant is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, status as a protected veteran, or status as an individual with a disability.
#J-18808-Ljbffr