Incident Response Analyst

Zachary Piper Solutions is seeking a Incident Response Analyst to join a long-term, classified federal program in New Carrollton, MD. This is a hybrid position that requires 1 day per week onsite. The Incident Response Analyst will be responsible for protecting the network and all the data/assets that sit on it, as well as handling proactive Threat Intelligence Analysis utilizing Open Source tools (OSINT).

MUST BE PUBLIC TRUST ELIGIBLE

Responsibilities of the Incident Response Analyst:

• Establishing normalized traffic and data flow baselines to identify anomalies.

• Developing technical theories based on threat intelligence.

• Identifying techniques, tactics and procedures used by adversaries, and based on the behavior patterns identified by findings. Demonstrate detailed knowledge of threat vectors and how they translate to cyber security risks for federal government.

• Developing alerting criteria to improve the Incident Response capability.

• Utilizing programming/scripting languages and log analysis/correlation techniques to identify existing threats that have made it through the network undetected.

Qualifications for the Incident Response Analyst:

• 5+ years of Cyber Security Experience.

• Incident Handling Experience working in SOC/CIRT Environment.

• Experience with Splunk Search Processing Language (SPL) to run queries.

• Experience working with PCAP tools to suspicious activity.

• Network stack design, implementation and function experience at all seven layers of OSI model.

• Strong Communication and Presentation Skills with the ability to follow policies, processes and procedures.

Compensation for the Incident Response Analyst:

• Salary Range: $70,000 - $85,000 depending on experiences & non-negotiable above this range

• Full Benefits: Cigna Medical, Dental, Vision, 401K, etc.

Keywords: Access, Firewall, HTTP, Kernel, Linux, Program Manager, Security, Windows, Threat Hunter, Cyber Security, Computer Security Incident Response Center, CSIRC, Cyber Threat Fusion Center, (CFTC), Network Architecture, Mid-Level, Mid Level, Security Architecture, Advanced Threat Analysis, ATAC, VAC, Vulnerability Analysis Cell, Remediate, Patch, Vulnerabilities, SOC, CIRT, SIEM, Splunk, Monitor, Traffic Flow, Incident, Wireshark, TCPdump, FireEye, Splunk ES, Zscaler, OSINT, Open Source, Netwitness, AV, IDS, RFI, malware IoC, SPL, Packet capture, Queries, OSI Model, SANS, GIAC, Certified, Log Analysis, Baltimore, New Carrollton, College Park, Hyattsville, Silver Spring, Laurel, Bowie, Clinton, Washington DC, District of Columbia

#LI-GB1

#LI-HYBRID