Description
Cyber Network Defense Analysts (CNDA) with Cloud Forensics
Location: Arlington, VA
Must have an active Top Secret Security Clearance
Node is seeking Cyber Network Defense Analysts (CNDA) with Cloud Forensics experience to support this critical customer mission.
Responsibilities:
- Acquire/collect computer artifacts and logs in support of onsite and remote engagements
- Triage electronic devices and assess evidentiary value
- Correlate forensic findings to network events in support of developing an intrusion narrative
- Collect and document system state information (e.g. running processes, network connections) prior to imaging, as required
- Perform forensic triage of an incident to include determining scope, urgency, and potential impact
- Track and document forensic analysis from initial participation through resolution
- Collect, process, preserve, analyze, and present computer-related evidence
- Coordinate with Government staff and customer personnel to validate/investigate alerts or additional preliminary findings
- Conduct analysis of forensic images and available evidence in support of forensic write-ups for inclusion in reports and written products
- Support cloud development and automation projects to enhance threat emulation capabilities
- Assist in documenting Computer Network Defense (CND) guidance and creating reports pertaining to incident findings
Requirements
Required Skills/Clearances:
- U.S. Citizenship
- Active TS/SCI clearance
- Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability
- 10+ years of directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools
- In-depth understanding of SaaS, PaaS, and IaaS in the Cloud Environment
- Ability to create forensically sound duplicates of evidence (forensic images)
- Ability to author cyber investigative reports documenting digital forensics findings
- Proficiency with analysis and characterization of cyber attacks
- Knowledge of cloud development and automation tools such as Terraform, Kubernetes, AWS CloudFormation, Azure Resource Manager, and Docker
- Skilled in identifying different classes of attacks and attack stages
- Understanding of system and application security threats and vulnerabilities
- Understanding of proactive analysis of systems and networks, including creating trust levels of critical resources
Desired Skills:
- Knowledge of strategies/architectures involved in implementing M365/Azure authentication, how these relate to a federated identity solution, and a fundamental understanding of how threat actors would target identity to compromise an environment
- Advanced experience and proficiency across various aspects of IT operations (e.g. networking, virtualization, identity, security, business continuity, disaster recovery, data management, governance)
- Experience and understanding in the acquisition, processing, and analysis of digital evidence from onsite enterprises and cloud-native platforms
- Fundamental understanding of APIs and proficiency with PowerShell/PowerShell modules leveraged to conduct API queries as they relate to Azure/M365
- Proficiency with scripting languages (e.g. Bash, Python, PowerShell, JS) for automation of hunt tools used in commercial cloud environments
- Ability to develop tools, architecture, and configurations in Azure environment to support identifying threat actor activity
- Understanding of how Azure/M365 platform protection is implemented and security operations available
Required Education:
BS Computer Science, Cybersecurity, Computer Engineering, or related degree; or HS Diploma & 4-6 years of host or digital forensics experience.
Desired Certifications:
- One or more of the following certifications: GCLD, GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP, AWS certifications, Microsoft Azure associated certifications.
Company Overview:
Node. Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.
Our Core Values help us in our mission. They include:
- Identifying the RIGHT PEOPLE and developing them to their full capabilities
- Our customer’s “Mission” is our “Mission”. Our MISSION FIRST approach is designed to keep our customers fully engaged while becoming their trusted partner
- We believe in SIMPLIFYING complex problems with a relentless focus on agile delivery excellence
- Our mantra is “Simple*Secure*Speed” in the delivery of innovative services and solutions
Benefits
We are proud to offer competitive compensation and benefits packages to include:
- Medical
- Dental
- Vision
- Basic Life
- Long-Term Disability
- Health Savings Account
- 401K
- Three weeks of PTO
- 10 Paid Holidays
- Pre-Approved Online Training