Live Incident Handling
Vectrus
Kuwait
منذ 2 يوم

Live Incident Handling(PEN001630)

Description

Position Summary : Capture and perform initialanalysis on captured volatile data, log data, captured network traffic data,etc.

to identify any immediate intrusion related artifacts which in turn willallow immediate defensive countermeasures to be implemented.

The Contractorshall develop necessary procedures or scripts to identify such data.

Major Job Activities : Immediately upon capture of volatile data and / or power down ofeach individual system, in conjunction with Army Cyberspace Operations andIntegration Center / Forensic Malware Analysis / Regional Cyber Center(ACOIC FMA RCC) request, coordinate the shipment of original forensic evidence(hard drive, USB drive, etc.

to ACOIC G33 DCO FMA for forensic imaging.Individual files identified or suspected of being malicious will be sent bye-mail in one of several formats to the G33 DCO FMA distribution list, who will in turn analyzethe files by automated malicious code analysis and / or by staticanalysis / dynamic analysis / reverse engineering performed by G33 DCO FMA malwareanalysts.

Works and interacts with other DCO professionals internal andexternal to Army Cyber Command, with Law Enforcement and Counter IntelligenceLNO's, and intelligence professionals as a technical specialist to understandhigher-level adversary capability.

Document, update and enhance processes andprocedures by producing training materials, standards documents and reports.

Qualifications

Minimum Qualifications : Bachelor's Degree in a related field, or 4 yearsof additional experience.

  • One or more of the following certifications mustbe held to achieve the required IA Category and Level, IAW DoD 8570.01-M andBBP 05-PR-M-0002 : IAT Level II Baseline Certification;
  • IAM Level II BaselineCertification; CSSP-A Baseline Certification; CSSP-IS Baseline Certification;Additional CE certifications as required for the operating system(s) and / orsecurity related tools / devices.

    Preferred : CSSP-IR and E : IAT III

    Experience : The Contractor employees shall possess in-depth knowledge,experience, and certifications with commercial computer incident triage toolsincluding but not limited to : CCIU LogCollector, EnCase Enterprise / Cybersecurity, AccessData eDiscovery, Mandiant Redline, Tanium, etc.

    TheContractor personnel shall require full working knowledge and experience withall Windows OS platforms including but not limited to : Windows 7 / 8 / 10, Server2K3 / 2K8 / 2012 / 2016, etc.

    The Contractor employees shall require full workingknowledge and experience with varying flavors of Unix / Linux platforms, andApple based operating systems.

    Forensic Analysis ( Deadbox ) and MalwareAnalysis is performed exclusively at ACOIC G33 DCO FMA).

    Tasks will be performed under general supervision.

    Kuwait

    Information TechnologyClearance Level required at Start Date : TS / SCI

    Travel

    Yes, 5 % of the TimeWe are committed to an inclusive and diverse workplace that values and supports the contributions of each individual.

    This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace.

    Vectrus is an Equal Opportunity / Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability.

    EOE / Minority / Female / Disabled / Veteran.

    بلغ عن هذه الوظيفة
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    قدِّم طلب ترشيحك
    بريدي الالكتروني
    بالضغط على "واصل" ، أعطي موافقة neuvoo على معالجة بياناتي وإرسال تنبيهات إلي بالبريد الإلكتروني ، على النحو المفصل في سياسة خصوصية لـneuvoo . يجوز لي سحب موافقتي أو إلغاء الاشتراك في أي وقت.
    واصل
    استمارة الطلب