Solutions³ LLC

Host Based Systems Analyst III

Solutions³ LLC, Arlington, Virginia, United States, 22201

Title: Host Based Systems Analyst III

Solutions³ LLC is supporting our prime contractor and their U.S. Government customer on a large mission‑critical provide remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host‑based, network‑based, and cloud‑based cybersecurity analysis capabilities. Personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. Solutions³ LLC is seeking Host Forensics Analysts to support this critical customer mission.

Eligibility

Must be a US Citizen

Must have an active TS/SCI clearance

Must be able to obtain DHS Suitability prior to starting employment

Must have 5+ years of direct relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools

Responsibilities

Assists with leading and coordinating forensic teams in preliminary investigations

Plans, coordinates and directs the inventory, examination and comprehensive technical analysis of computer related evidence

Distills analytic findings into executive summaries and in‑depth technical reports

Serves as technical forensics liaison to stakeholders and explains investigation details to include forensic methodologies and protocols

Tracks and documents on‑site incident response activities and provides updates to leadership throughout the engagement

Evaluates, extracts and analyzes suspected malicious code

Acquire/collect computer artifacts (e.g., malware, user activity, link files) in support of onsite engagements

Triage electronic devices and assess evidentiary value

Correlate forensic findings to network events in support of developing an intrusion narrative

Collect and document system state information (e.g. running processes, network connections) prior to imaging, as required

Perform forensic triage of an incident to include determining scope, urgency and potential impact

Track and document forensic analysis from initial participation through resolution

Collect, process, preserve, analyze and present computer related evidence

Conduct analysis of forensic images, and available evidence in support of forensic write‑ups for inclusion in reports and written products

Assist in documenting and publishing Computer Network Defense (CND) guidance and reports pertaining to incident findings

Required Skills

Proficiency with two or more of the following tools:

EnCase

FTK

SIFT

X‑Ways

Volatility

Wireshark

Sleuth Kit/Autopsy

Splunk

Snort

Other EDR Tools (CrowdStrike, Carbon Black, etc.)

Proficiency conducting all‑source research.

Desired Skills

Strong API and scripting skills (PowerShell, Python, Bash, JavaScript) for automation and threat detection.

Knowledge of common and advanced cloud attacks and techniques, and how to detect and mitigate these threats.

Proficiency with cloud automation and orchestration tools (Terraform, Kubernetes, CloudFormation, Azure Resource Manager, Docker).

Desired Certifications

One or more of the following certifications: GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP

Required Education

BS in Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 7+ years of host or digital forensics experience
