Cyber Defense Forensics Lead | Req#2760
ActioNet is looking for a Cyber Defense Forensics Lead with a solid understanding of incident response, insider threat investigations, forensics, cyber threats and information security. This position will support a civilian agency Security Operations Center.
This position performs host-based and network-based security monitoring, identifies and analyzes anomalous activities with familiarity in insider threat monitoring software, host- based forensic tools, intrusion detection systems, intrusion analysis functions, security information event management (SIEM) platforms, endpoint threat detection tools, and security operations ticket management. The Cyber Defense Forensics Lead will create insider threat focused dashboards, reports and workflow diagrams. Collect data and report results; handle and escalate security issues or emergency situations appropriately; provide incident response capabilities to isolate and mitigate threats to maintain confidentiality, integrity, and availability for protected data. Conduct enterprise and individual system(s) endpoint (e.g., Windows, Linux, Mac, and Cloud systems) and network based digital forensic analysis in support of Cyber Defense Forensics or Insider Threat investigations. Conduct formal digital forensic investigations and document findings in formal investigation reports.
It is simple. We are passionate about the inspirational missions of our customers and we entrust our employees and teams to deliver exceptional performance to enable the safety, security, health, and well-being of our nation.
- Must have 7+ years related IT security experience
- 5+ years security monitoring, digital forensics, intrusion detection and prevention, SIEM platforms, identifying and analyzing anomalous activities with familiarity in insider threat monitoring software, security operations ticket management
- US citizen
- DoD TS with SCI eligibility
- Related degree
- GCIA, GCIH, GCFA
What's in It For You?
As an ActioNeter, you get to be part of exceptional team and a corporate culture that nurtures mutual success for our customers, employees and our communities. We give you the tools to be successful; all you need to do is bring your best ideas, your energy and a desire to develop your skills, experience and career.
Are you ready to make a difference?
ActioNet is an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.