NikSoft Systems Corporation is a recognized Information Technology solutions provider. Founded in 1998 and based in Reston, Virginia, NikSoft is a CMMI Level 3 Certified company with an established reputation for excellence and on-time delivery with a consistently high customer satisfaction rating from its Federal Government and private consulting contracts.
Seeking a professional and experienced Forensics Analyst to join our team. The ideal candidate will be able to actively engage in computer and network forensics recovery and analysis during an active incident response and conducting live memory acquisitions, traditional dead box and network forensic collections.
- Keeps current on evolving and emerging technologies that may involve multi-disciplined intelligence and/or evoke new threats and interfaces with other organizations to maintain situational awareness, stay ahead of future threats and leverage best practices.
- Expert understanding of how malware works and how to identify traditional and advanced malware. Identify context of what the malware targeted, where it was installed and what communication points were created to determine where the data was routed to.
- Conduct ongoing assessments of forensic and incident response capabilities, practices and procedures. Determine gaps and recommend corrections/improvements that enable sustainable, repeatable processes with supporting procedural documentation.
- Conducting data forensic investigations for enterprise computer security incidents including but not limited to internal and external intellectual property theft, attacks/intrusions, and computer abuse.
- Demonstrated skill performing operational software/hardware testing on digital equipment and other electronic devices.
- Ability to follow through on leads until all possible avenues in investigating a case have been exhausted.
- Demonstrated skill in performing post-incident computer forensics without destruction of critical data.
- Over 5 years’ experience working in the areas of (intelligence, information security, network forensics, insider threat).
- Bachelors in computer science, international relations, information security, or a related field or equivalent experience.
- Certification in one or more of; Certified Ethical Hacker (CEH), Certified Penetration Tester (CPT), Certified Computer Forensics Examiner (CCFE), Certified Reverse Engineering Analyst (CREA), IACRB Certified Computer Forensics Examiner (CCFE), IACRB Certified Mobile Forensics Examiner (CMFE), and (ISC)2 Certified Cyber Forensics Professional (CCFP).
- Experience with creating automated log correlations in Splunk tool to identify anomalous and potentially malicious behavior.
- Knowledge of typical behaviors of both malware and threat actors and how common protocols and applications work at the network level, including DNS, HTTP, and SMB
- Strong Linux configuration and administration knowledge
- Experience with computer forensics tools such as EnCase, Access Data, and FTK
- Disure experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC), or Cyber Security Incident Response Center (CSIRC).
*Please be sure to indicate that you saw this position on Globaljobs.org*