Tyto Athene is searching for a Junior Digital Forensics Incident Response Analyst to support our customer in Arlington, Virginia.

Responsibilities:
* Utilize state-of-the-art technologies such as EDR, SIEM, and full packet capture to perform hunt and investigative activity to examine endpoint and network-based activity
* Conduct host and network forensics, log analysis, triage, and malware analysis in support of incident response
* Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes
* Contribute to rule and signature creation for cybersecurity tools
* Lead IR activities and provide regular incident updates to key stakeholders and executive leadership
* Serve as an incident point of contact with law enforcement, third-party vendors, and other external parties
* Work with key stakeholders to implement remediation plans in response to incidents
* Effectively investigate and identify root cause findings, then communicate findings to stakeholders, including technical staff and leadership
* Capture cybersecurity metrics in direct support of regular tactical and executive-level briefings (daily, weekly, monthly, quarterly, annual, and ad hoc)
* Create IR and forensics reports documenting findings, detailed analysis, recommendations, and lessons learned
* Act as a technical escalation point for SOC Watch Floor and mentor junior staff
* Author Standard Operating Procedures (SOPs) and training documentation when needed

Required:
* Bachelor’s degree in Computer Science, Information Technology, or related field
* 2 years of relevant experience
* Experience with EDR and SIEM technologies
* Advanced knowledge of TCP/IP protocols
* Knowledge of Windows and Linux operating systems
* Understanding of MITRE ATT&CK and D3FEND
* Knowledge of advanced attacker tools, techniques, and procedures (TTP)
* Current malware campaign TTPs
* Experience with malware analysis
* Experience with digital forensics tools and case procedures
* Deep packet and log analysis
* Knowledge of enterprise architecture including zero trust principles
* Common phishing techniques and how to investigate them
* Proficiency in technical writing
* Experience in customer service or client-facing roles
* Experience presenting and speaking to leadership
* The ability to mentor Tier 1 and Tier 2 analysts

Desired:
* Working knowledge of regex and scripting languages is highly preferred
* Additional relevant certifications such as those from GIAC or CompTIA
* Experience with major cloud service provider offerings
* Knowledge of offensive security tools and techniques
* Experience with cyber threat intelligence gathering and analysis
* Experience with cyber threat hunting

Clearance: Active Secret clearance required

Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.

Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.

After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise. Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career — it’s time to join Team Tyto!

Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
To apply for this job please visit click.appcast.io.