Energy Jobline ZR
Host Based Systems Analyst III in Arlington
Energy Jobline ZR, Arlington, Virginia, United States, 22201
Energy Jobline is the largest and fastest growing global Energy Job Board and Energy Hub. We have an audience reach of over 7 million energy professionals, 400,000+ monthly advertised global energy and engineering jobs, and work with the leading energy companies worldwide.
We focus on the Oil & Gas, Renewables, Engineering, Power, and Nuclear markets as well as emerging technologies in EV, Battery, and Fusion. We are committed to ensuring that we offer the most exciting career opportunities from around the world for our jobseekers.
Job DescriptionJob Description
Title: Host Based Systems Analyst III Arlington, VA
Description:
Su prime contractor and their U.S. Government customer on a large mission‑critical provide remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host‑based, network‑based, and cloud‑based cybersecurity analysis capabilities. Personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. Seeking
Cyber Network Defense Analysts (CNDA)
with Cloud Forensics experience to support this critical customer mission.
Eligibility:
Must be a US
Must have an active
TS/SCI
clearance
Must be able to obtainDHS Suitabilityprior to starting employment
5+ years
of direct relevant experience in cyber forensic investigations using leading tools and techniques
Responsibilities Include:
Conduct forensic acquisition and analysis from on‑premises and cloud platforms (Entra ID/Azure AD, M365, AWS, GCP, SaaS) to identify compromise activity, persistence mechanisms, and data exfiltration.
Investigate and respond to incidents and attacks targeting cloud and hybrid .
Correlate cloud control‑plane events and network telemetry (e.g., Azure Activity Logs, AWS CloudTrail, VPC Flow Logs) to reconstruct attacker timelines, validate IOCs, and identify post‑compromise privilege escalation.
Develop and operationalize detection logic and automation using cloud‑tools (Microsoft Defender, Sentinel, AWS GuardDuty, GCP Chronicle) and scripting (PowerShell, Python, Bash), integrating threat intelligence feeds and indicators.
Produce technical reports, incident documentation, and containment recommendations integrating cloud, , and endpoint findings; support development of incident response playbooks and procedures for cloud and hybrid environments.
Support cloud development and automation projects to enhance threat emulation, investigative, and hunting capabilities.
Coordinate with internal teams, government staff, and external stakeholders to validate alerts and investigate preliminary findings.
Required Skills:
Strong understanding of SaaS, PaaS, and IaaS in cloud environments, and hybrid security.
Expertise in acquiring forensically sound evidence, analyzing attacks, and reporting findings.
Knowledge of M365/Azure, hybrid , and threats targeting these solutions.
Knowledge of AWS, IAM, and best practices for cloud security.
Desired Skills:
Strong API and scripting skills (PowerShell, Python, Bash, JavaScript) for automation and threat detection.
Knowledge of common and advanced cloud attacks and techniques, and how to detect and mitigate these threats.
Proficiency with cloud automation and orchestration tools (Terraform, Kubernetes, CloudFormation, Azure Resource Manager, Docker).
Desired Certifications: One or more of the following certifications: GCLD, GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP, AWS or Microsoft Cloud/Security certifications
Required Education: BS in Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and
7+ years
of relevant experience
EEO If you are interested in applying for this job please press the Apply Button and follow the application process. Energy Jobline wishes you the very best of luck in your next career move.
#J-18808-Ljbffr
We focus on the Oil & Gas, Renewables, Engineering, Power, and Nuclear markets as well as emerging technologies in EV, Battery, and Fusion. We are committed to ensuring that we offer the most exciting career opportunities from around the world for our jobseekers.
Job DescriptionJob Description
Title: Host Based Systems Analyst III Arlington, VA
Description:
Su prime contractor and their U.S. Government customer on a large mission‑critical provide remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host‑based, network‑based, and cloud‑based cybersecurity analysis capabilities. Personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. Seeking
Cyber Network Defense Analysts (CNDA)
with Cloud Forensics experience to support this critical customer mission.
Eligibility:
Must be a US
Must have an active
TS/SCI
clearance
Must be able to obtainDHS Suitabilityprior to starting employment
5+ years
of direct relevant experience in cyber forensic investigations using leading tools and techniques
Responsibilities Include:
Conduct forensic acquisition and analysis from on‑premises and cloud platforms (Entra ID/Azure AD, M365, AWS, GCP, SaaS) to identify compromise activity, persistence mechanisms, and data exfiltration.
Investigate and respond to incidents and attacks targeting cloud and hybrid .
Correlate cloud control‑plane events and network telemetry (e.g., Azure Activity Logs, AWS CloudTrail, VPC Flow Logs) to reconstruct attacker timelines, validate IOCs, and identify post‑compromise privilege escalation.
Develop and operationalize detection logic and automation using cloud‑tools (Microsoft Defender, Sentinel, AWS GuardDuty, GCP Chronicle) and scripting (PowerShell, Python, Bash), integrating threat intelligence feeds and indicators.
Produce technical reports, incident documentation, and containment recommendations integrating cloud, , and endpoint findings; support development of incident response playbooks and procedures for cloud and hybrid environments.
Support cloud development and automation projects to enhance threat emulation, investigative, and hunting capabilities.
Coordinate with internal teams, government staff, and external stakeholders to validate alerts and investigate preliminary findings.
Required Skills:
Strong understanding of SaaS, PaaS, and IaaS in cloud environments, and hybrid security.
Expertise in acquiring forensically sound evidence, analyzing attacks, and reporting findings.
Knowledge of M365/Azure, hybrid , and threats targeting these solutions.
Knowledge of AWS, IAM, and best practices for cloud security.
Desired Skills:
Strong API and scripting skills (PowerShell, Python, Bash, JavaScript) for automation and threat detection.
Knowledge of common and advanced cloud attacks and techniques, and how to detect and mitigate these threats.
Proficiency with cloud automation and orchestration tools (Terraform, Kubernetes, CloudFormation, Azure Resource Manager, Docker).
Desired Certifications: One or more of the following certifications: GCLD, GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP, AWS or Microsoft Cloud/Security certifications
Required Education: BS in Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and
7+ years
of relevant experience
EEO If you are interested in applying for this job please press the Apply Button and follow the application process. Energy Jobline wishes you the very best of luck in your next career move.
#J-18808-Ljbffr