Longeviti LLC is searching for a Computer Forensic and Intrusion Analyst (Senior). Longeviti is a government contractor specializing in providing professional support services in fields of information technology, program management, agency administration, intelligence analysis, language translation, culture immersion, and serving as opposing forces/role players. We are a certified 8(a) and small disadvantaged business that excels in the market having earned our status as an ISO 9001 certified provider of services and are rated as CMMI Level 3 in both Development and Services. Quality and continuous improvement are basic tenets of the organization and giving our staff the tools to make it happen are a trademark. Customer satisfaction is paramount.
Longeviti seeks a Computer Forensic and Intrusion Analyst (Senior) to provide mission support to the Department of Defense Cyber Crime Center (DC3). This position will be a Senior Cybersecurity Intelligence Analyst for the DoD/Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE).
- Must have an active Secret security clearance. Only candidates with a current Secret clearance will be considered.
- Due to federal security clearance requirements, applicant must be a United States Citizen.
DUTIES AND RESPONSIBILITIES:
- Author strategic and tactical cyber threat reports that detail threats to the Defense Industrial Base for DIB and US Government partner consumption
- Candidates should have a strong background tracking Advanced Persistent Threat (APT) activity and associated Tactics, Techniques and Procedures (TTPs) that threaten data and information systems
- Products ultimately contribute to network defense and cyber threat awareness
REQUIRED EXPERIENCE, KNOWLEDGE, SKILLS, AND ABILITIES:
- Experienced in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection
- Experience with Domain Name Service records
- Experienced with Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength
- Experience with intelligence analysis methods: developing hypotheses, proving or disproving relationships, always asking why, defending your analysis, and applying attribution to cyber threat activity
- Experience with confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware, and system forensic analysis
- Experience presenting technical information and analysis to groups of up to 50 persons on a quarterly basis and briefing smaller groups of up to 10 persons on a weekly basis
- Minimum of five years of experience tracking and profiling APT groups
- Comprehensive understanding of APT TTPs and indicators of compromise (IOC)
- A working understanding of cyber threat intelligence platforms to collect and correlate cyber threat information
- Deep understanding of operating systems: file structures, processes, services, and application execution
- Understanding of malware functionality, static and dynamic analysis, and ability to identify IOCs, attributes and understanding of signatures
- Experience writing detailed threat reports, based on own analytic initiative, and using multi-source intelligence and narrative analysis, which lead to a supported conclusion
- Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model and MITRE ATT&CK
- Experience performing focused research and analysis to write complete, accurate, relevant, and timely cyber threat intelligence reports to support network defense
- Ability to create and present compelling briefings to relay relevant cyber threat information to technical and non-technical audiences
- Flexibility to adapt to changing priorities and tight timelines
- Experience with basic usage of scripting languages such as Python, PowerShell, and Bash for automation and data analysis
- Two to four years SOC experience
- Several years of IC experience
- Expertise with VirusTotal Intelligence, DomainTools Iris
- Industry certifications: CEH, GCTI, GOSI, OSCP, GCED, GDAT, GDSA, GRID, GEVA, GPEN, GXPN
- Ability to develop YARA or Snort signatures
Alliant LCAT Description:
- Possesses and applies a comprehensive knowledge across key tasks and high impact assignments. Plans and leads major technology assignments. Evaluates performance results and recommends major changes affecting short-term project growth and success. Functions as a technical expert across multiple project assignments. May supervise others.
- Bachelor’s degree from an accredited college in a related discipline, or equivalent experience/combined education, with 5 years of professional experience; or 3 years of professional experience with a related Master’s degree.
Longeviti, LLC is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. US Citizenship is required for most positions.
Longeviti, LLC offers a competitive salary and a generous benefits package. This package includes medical, dental, vision, life, short- and long-term disability insurance, and a 401(k) retirement plan.