Arsiem25d ago

Incident Response Expert IV

United States·ArlingtonFull-timemid

OtherExpert

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

About ARSIEM Corporation At ARSIEM Corporation we are committed to fostering a proven and trusted partnership with our government clients.

Technical Tools

OtherExpert

About ARSIEM Corporation

At ARSIEM Corporation we are committed to fostering a proven and trusted partnership with our government clients. We provide support to multiple agencies across the United States Government. ARSIEM has an experienced workforce of qualified professionals committed to providing the best possible support.

As demand increases, ARSIEM continues to provide reliable and cutting-edge technical solutions at the best value to our clients. That means a career packed with opportunities to grow and the ability to have an impact on every client you work with.

ARSIEM is looking for a Cyber Eviction Analyst to support on-site incident response to civilian Government agencies and critical asset owners who experience cyber attacks, providing immediate investigation and resolution. This position will support one of our Government clients in Arlington, VA.

Serves as hunt and incident response subject matter expert (SME), applying in-depth knowledge on threat actor (TA) tools, techniques, and procedures (TTPs)

Distills analytic findings into executive summaries and in-depth technical reports

Provide expert support, analysis, and research with only broad direction into exceptionally complex problems and processes relating to the subject matter as it relates to hunt and incident response activities

Serves as technical expert on high-level incident response teams providing technical direction, interpretation, and alternatives

Exercises considerable latitude in determining technical objectives of an assignment or task at hand

Independently develops technical solutions to complex problems that require the regular use of ingenuity and creativity

Analyzes incident data and victim environments to recommend targeted mitigations

Advise technical personnel on countermeasure implementation and customization

Supports internal stakeholders on containment and eradication missions

Documents analysis in a standardized knowledgebase for sharing and publication

Assists in maintaining branch process and procedure documentation

Guides the completion of hunt and incident response activities

BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 10+ years of technical experience in the area of expertise.

8+ years of directly relevant experience in the area of expertise

Must be able to travel domestically on short notice

Strong understanding of network architecture/security

Experience performing cyber incident response

Ability to think independently

Demonstrates superior written and oral communication skills

Must be able to work collaboratively across physical locations

Skilled in identifying different classes of attacks and attack stages

Understanding of system and application security threats and vulnerabilities

Understanding of proactive analysis of systems and networks, to include creating trust levels of critical resources

Proficiency with common operating systems (e,g, Linux/Unix, Windows)

Experience leading and mentoring technical teams

Knowledge of Computer Network Defense policies, procedures and regulations

Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])

Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, returnoriented attacks, and malicious code)

Network and System administration experience

Strong understanding of adversarial tactics/techniques/procedures (TTPs)

Experience with Identity and Access Management (IAM) tools

Ability to review and analyze Enterprise Architecture (EA) from a security perspective

Understanding of cyber defense-in-depth principles

Hands-on skill in host/network intrusion detection

Ability to perform event correlation

Experience with malicious activity analysis

Ability to collaborate with stakeholders at multiple levels within an organization

Desired Certifications: One or more
DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst
DoD 8140.01 GCIA, GCIH, CSSP Analyst/CSSP Incident Responder
DoD 8140.01 CEH, CSSP Analyst

SANS GIAC GNFA preferred

SANS GRID, GICSP, or GCIP a plus