DFIR Engineer
Job Description
Job Purpose:
The DIFR engineer will support a Computer Incident Response Team (CIRT) in the detection, response, mitigation, and reporting of cyber threats affecting client networks as a Forensic Analyst. Provides specialized support by gathering, handling, examining, preparing, entering, and searching, retrieving, identifying and/or comparing digital and/or physical evidence. Uses forensically sound procedures to determine results. The DFIR engineer observes proper evidence custody and control procedures, documents procedures and findings and prepares comprehensive written notes and reports. Analyzes network/computer threats and mitigates vulnerabilities while limiting operational impact to the Computer Network Defense (CND) mission in support of the Cyber Security Operations Center (CSOC).
Responsibilities
. Provide support in the detection, response, mitigation, and reporting of cyber threats affecting client networks
. Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations
. Produce reports and briefs to provide an accurate depiction of the current threat landscape and associated risk. This is accomplished through the use of customer, community, and open source reporting
. Provide analysis of correlated information sources
. Facilitate the customer's posturing itself to aggressively investigate cyber activity targeting customer and client information and its information infrastructure
. Assist the customer training department in the education of staff on the cyber threat
. Liaison with other agency cyber threat analysis entities, such as intra-agency and inter agency Cyber Threat Working Groups
. Maintaining proficiency in the use and production of visualization charts, link analysis diagrams, and database queries
. Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions.
. Additional duties may include providing intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments by provided support to the malware, forensics and mitigation teams.
. Meet and maintain customer required Information Assurance training compliance
Job Details
Employment Types:
Full time
Industry:
IT / Computers – Software
Function:
IT
Roles:
Security Analyst