Monster

Cyber Incident Response & Digital Forensics Lead (Top Secret clearance)

ALTA IT Services

Washington, DC

JOB DETAILS
JOB TYPE
Full-time, Employee
SKILLS
Analysis Skills, Android, Applications Security, Cloud Computing, Computer Forensics, Computer Hacking, Computer Security, Data Sets, Documentation, Establish Priorities, Forensic Science, GCFA - GIAC Certified Forensic Analyst, GCIA - GIAC Certified Intrusion Analyst, GCIH - GIAC Certified Incident Handler, GIAC - Global Information Assurance Certification, Incident Response, Information Technology & Information Systems, Intelligence Analysis, Internet Security, Leadership, Legal, Linux Operating System, Mac Operating System, Maintain Compliance, Malware, Malware Analysis, Microsoft Windows Operating System, Mobile Applications, Mobile Devices, Mobile Operating System, Network Performance/Analysis, Network Protocols, Root Cause Analysis, Security Analysis, Security Attacks, Security Compliance, Smartphones, Splunk, Standard Operating Procedures (SOP), System Architecture, Team Lead/Manager, Technical Support, Top Secret Clearance, Training/Teaching, iOS
LOCATION
Washington, DC
POSTED
27 days ago
Cyber Incident Response & Digital Forensics Lead 
Washington, DC - ONSITE
Clearance: Must possess active Top Secret security clearance
Salary: Up to $175K


ALTA IT Services is seeking a highly skilled and knowledgeable Cyber Incident Response & Digital Forensics Lead who will lead a team of incident responders and forensic analysts. This position is located on the customer's site in Washington, D.C.

Responsibilities include but are not limited to:
•    Assisting in analyzing alerts, identifying true positives, and prioritizing incidents and incident response based on severity and impact.
•    Leading the analysis and identification of mobile threats, including malware, vulnerabilities, and other malicious activities targeting mobile devices and applications.
•    Working with the SOC/watch floor to develop and refine incident response plans and SOPs.
•    Gathering and analyzing extensive datasets to bridge informational gaps associated with cyber-attacks. This involves identifying perpetrators, understanding their intrusion methods, and meticulously documenting the precise sequence of actions that compromise system integrity.
•    Gathering evidence, analyzing artifacts, and reconstructing events to understand the scope and impact of incidents, determine how the compromise occurred, and identify root causes.
•    Conducting forensic analysis on systems and networks to determine the scope and impact of security incidents.
•    Conducting regular joint training exercises and tabletop simulations to help strengthen coordination between teams and ensure compliance with security policies.
•    Conducting advanced malware analyses; devising and executing targeted threat mitigation strategies tailored to program and customer needs.
•    Analyzing threat intelligence feeds, indicators of compromise (IOCs), and TTPs to identify and conduct incident response to emerging threats.
•    Preserving and presenting evidence for legal proceedings.

Basic Qualifications:
•    Bachelor’s degree, preferably in IT, cybersecurity, or related discipline.
•    12+ years of IT experience with 8+ years of cyber incident response experience.
•    2+ years of experience leading a team of incident responders.
•    2+ years of experience with digital forensics.
•    Must possess GIAC Certified Incident Handler (GCIH) certification.
•    3+ years of hands-on Splunk experience.
•    Proficient understanding of mobile operating systems architecture (such as Android, iOS), including the security features and limitations of each platform, as well as proficient understanding of mobile application security, network protocols, and the potential exploitation vectors associated with mobile devices.
•    Advanced knowledge of Windows, Linux, and macOS, enabling effective analysis and response across diverse technical environments.

Preferred Qualifications:
•    Experience using the Axiom Forensics Suite.
•    Desirable certifications: GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensic Analyst (GNFA).
•    Other preferred certifications: GIAC Continuous Monitoring Certification (GMON), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Cloud Threat Detection (GCTD), GIAC Cloud Forensics Responder (GCFR), GIAC Advanced Smartphone Forensics Certification (GASF), GIAC Mobile Device Security Analyst (GMOB).




Ref: #850-Rockville (ALTA IT)


About the Company

ALTA IT Services

ALTA IT Services, LLC combines experience and expertise to deliver IT talent that meets and exceeds the expectations of our clients. Since 2004, we have specialized in delivering IT services and staffing nationwide from our Rockville, MD headquarters and two regional offices located in Columbia, MD and Cincinnati, OH. ALTA provides IT staffing and services to support critical IT initiatives, including Artificial Intelligence, Program & Project Management, Enterprise Platforms, Cybersecurity, Systems Engineering & Administration, Software & Web Services, Data Science & Analytics, DevOps, Quality Assurance, Help Desk, Network Management & Support, and Training. Our team of recruiting professionals can recruit any skill necessary to support both commercial and government client needs throughout the United States.

The foundation of our business operations is that we build relationships to last. We do this by placing the highest priority on our core values of integrity, reliability, and quality. We take the responsibilities entrusted to us by our clients and IT professionals very seriously.

As a result, we are proud to say that the majority of our clients have been with us for more than a decade. We work hard every day to earn and keep their trust. That is the promise that we make to all of our clients.

COMPANY SIZE
100 to 499 employees
INDUSTRY
Staffing/Employment Agencies
FOUNDED
2004
WEBSITE
https://www.altaits.com/