Digital Forensics Security Engineer needed for a contract-to-hire position in Rockville, MD.
Seeking an information security engineer who will be a key member of a consulting team providing advice and support to federal agencies in the areas of Information Security.
This role will be primarily responsible for conducting digital forensic operations and supporting Threat Detection efforts and different phases of Computer Security Incident Response (CSIR).
Conduct digital forensic analysis through evidence acquisition, evidence analysis, email forensics, registry analysis, user forensic analysis, data carving, artifact analysis, memory analysis, file analysis, log analysis, browser analysis, timeline analysis, file system analysis, malware analysis, anti-forensic detection analysis, and social media forensic analysis, among others.
Gather and analyze information for defining requirements, specifications and issues to support the development of new policies, standards, and procedures or update existing ones.
Work with a team of diverse individuals and cross-functional teams to solve unique and complex problems with broad impact on the business.
Provide clear updates to management on security incidents; investigate, document, and report on information security issues and emerging trends.
Write and publish cyber defense recommendations, reports, and white papers on incident findings to appropriate constituencies.
Participate in industry task forces and working groups where appropriate to understand current and future threats and monitor security-related websites (US-CERT, SANS Internet Storm Center, etc.) and mailing lists (DHS Infrastructure, BugTraq, etc.) to stay up to date on current attacks and trends.
BA or BS degree in MIS, CS, or related cybersecurity discipline or equivalent experience.
Industry standard certifications such as EnCE or related GIAC (preferred but not required).
Minimum 1.5 years' experience in Information Security is required along with excellent knowledge of at least 3 of the following: Law enforcement evidence seizure process, Malware analysis or reverse engineering, Timeline Analysis, Carving, compiling and analyzing security incident related artifacts or Network forensics.
Overall Risk Management processes (e.g., methods for assessing, mitigating and accepting risks).
Cybersecurity principles, security models, organizational requirements (w.r.t. confidentiality, integrity, availability, authentication, non-repudiation), cyber threats, risks and vulnerabilities, cryptography and cryptographic key management concepts, host/network access control mechanisms (e.g., ACLs), network access, identity, & access management (e.g., PKIs), Computer networking concepts and protocols, and network security methodologies.
Knowledge of cyber threats and vulnerabilities; Ethical hacking principles, general attack stages; Specific operational impacts of cybersecurity lapses; programming language structures and logic.
File hash/signature analysis, anti-forensic detection techniques, and malware analysis.
Able to communicate, verbally and in writing, complex technical issues with simplicity & clarity.
Able to exercise discretion and maintain confidentiality.
Proficient in reporting and answering analytical questions during investigations.
Applicants selected will be subject to a Public Trust background security investigation and may need to meet eligibility requirements for access to sensitive information. s or Permanent Residents only.
THIRD PARTY AGENCIES, SUBCONTRACTORS, AND RECRUITERS NEED NOT APPLY. Applicants received from firms will not be considered. Subcontracting is not available for this position.