RadiantHire Solutions, Inc.
Host Based System Analyst
RadiantHire Solutions, Inc., Arlington, Virginia, United States, 22201
Overview
Title:
Host Based Systems Analyst IV Description:
Our client provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. They are seeking experienced
Cyber Network Defense Analysts (CNDA)
with Cloud Forensics experience to provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. Eligibility
Must be a
US Citizen Must have an
active TS/SCI
clearance Must be able to obtain DHS Suitability prior to starting employment 8+ years
of direct relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools Responsibilities Include
Conduct forensic acquisition and analysis from on-premises and cloud platforms (Entra ID/Azure AD, M365, AWS, GCP, SaaS) to identify compromise activity, persistence mechanisms, and data exfiltration.
Investigate and respond to incidents and attacks targeting cloud and hybrid identity.
Correlate cloud control-plane events and network telemetry (e.g., Azure Activity Logs, AWS CloudTrail, VPC Flow Logs) to reconstruct attacker timelines, validate IOCs, and identify post-compromise privilege escalation.
Develop and operationalize detection logic and automation using cloud-native tools (Microsoft Defender, Sentinel, AWS GuardDuty, GCP Chronicle) and scripting (PowerShell, Python, Bash), integrating threat intelligence feeds and indicators.
Produce technical reports, incident documentation, and containment recommendations integrating cloud, identity, and endpoint findings, support development of incident response playbooks and procedures for cloud and hybrid environments.
Support cloud development and automation projects to enhance threat emulation, investigative, and hunting capabilities.
Coordinate with internal teams, government staff, and external stakeholders to validate alerts and investigate preliminary findings.
Required Skills
Strong understanding of SaaS, PaaS, and IaaS in cloud environments, and hybrid identity security.
Expertise in acquiring forensically sound evidence, analyzing attacks, and reporting findings.
Knowledge of M365/Azure, hybrid identity, and threats targeting these solutions.
Knowledge of AWS, IAM, and best practices for cloud identity security.
Desired Skills
Strong API and scripting skills (PowerShell, Python, Bash, JavaScript) for automation and threat detection.
Knowledge of common and advanced cloud attacks and techniques, and how to detect and mitigate these threats.
Proficiency with cloud automation and orchestration tools (Terraform, Kubernetes, CloudFormation, Azure Resource Manager, Docker).
Desired Certifications
GCLD, GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP, AWS or Microsoft Cloud/Security certifications. Required Education
BS Computer Science, Cybersecurity, Computer Engineering, or related degree; or HS Diploma and
10+ years
of relevant experience
#J-18808-Ljbffr
Title:
Host Based Systems Analyst IV Description:
Our client provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. They are seeking experienced
Cyber Network Defense Analysts (CNDA)
with Cloud Forensics experience to provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. Eligibility
Must be a
US Citizen Must have an
active TS/SCI
clearance Must be able to obtain DHS Suitability prior to starting employment 8+ years
of direct relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools Responsibilities Include
Conduct forensic acquisition and analysis from on-premises and cloud platforms (Entra ID/Azure AD, M365, AWS, GCP, SaaS) to identify compromise activity, persistence mechanisms, and data exfiltration.
Investigate and respond to incidents and attacks targeting cloud and hybrid identity.
Correlate cloud control-plane events and network telemetry (e.g., Azure Activity Logs, AWS CloudTrail, VPC Flow Logs) to reconstruct attacker timelines, validate IOCs, and identify post-compromise privilege escalation.
Develop and operationalize detection logic and automation using cloud-native tools (Microsoft Defender, Sentinel, AWS GuardDuty, GCP Chronicle) and scripting (PowerShell, Python, Bash), integrating threat intelligence feeds and indicators.
Produce technical reports, incident documentation, and containment recommendations integrating cloud, identity, and endpoint findings, support development of incident response playbooks and procedures for cloud and hybrid environments.
Support cloud development and automation projects to enhance threat emulation, investigative, and hunting capabilities.
Coordinate with internal teams, government staff, and external stakeholders to validate alerts and investigate preliminary findings.
Required Skills
Strong understanding of SaaS, PaaS, and IaaS in cloud environments, and hybrid identity security.
Expertise in acquiring forensically sound evidence, analyzing attacks, and reporting findings.
Knowledge of M365/Azure, hybrid identity, and threats targeting these solutions.
Knowledge of AWS, IAM, and best practices for cloud identity security.
Desired Skills
Strong API and scripting skills (PowerShell, Python, Bash, JavaScript) for automation and threat detection.
Knowledge of common and advanced cloud attacks and techniques, and how to detect and mitigate these threats.
Proficiency with cloud automation and orchestration tools (Terraform, Kubernetes, CloudFormation, Azure Resource Manager, Docker).
Desired Certifications
GCLD, GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP, AWS or Microsoft Cloud/Security certifications. Required Education
BS Computer Science, Cybersecurity, Computer Engineering, or related degree; or HS Diploma and
10+ years
of relevant experience
#J-18808-Ljbffr