TECHNOGEN, Inc. is a Proven Leader in providing full IT Services, Software Development and Solutions for 15 years.
TECHNOGEN is a Small & Woman Owned Minority Business with GSA Advantage Certification. We have offices in VA; MD & Offshore development centers in India. We have successfully executed 100+ projects for clients ranging from small business and non-profits to Fortune 50 companies and federal, state and local agencies.
I am Kishore from TechnoGen Inc, looking for
Digital Forensics SOC Analyst III for one of our clients. Below is the job description for your review.
Please let me know if you would be interested and share your updated resume.
You can reach me kishore.b@technogeninc.com/571-660-1013
Position: Digital Forensics SOC Analyst III
Location: Crownsville, MD 21032(Onsite)
Duration: 12 Months
Job Description
- Hands-on experience with security monitoring and SIEMs tools - Splunk Enterprise Security is preferred
- Demonstrated working knowledge of cyber forensics and incident handling best practice processes, procedures, standards, and techniques
- Hands-on experience with forensics image capture tools i.e., FTK Imager, MAGNET ACQUIRE
- Hands-on experience with system image/file system/registry forensics tools i.e., Encase, FTK, X-Ways, Magnet AXIOM, Sleuthkit, Access Data Registry Viewer, Registry Recon, or other)
- Hands-on experience with PCAP analysis tools i.e., Wireshark, TCP Dump, Network Miner, Xplico, or other
- Hands-on experience with memory forensics tools i.e., BlackLight, Volatility, SANS SIFT, Magnet RAM Capture, or FireEye Memoryze, CrowdStrike Crowd Response
- Hands-on experience with Endpoint Detection & Response solutions - Tanium Threat Response, McAfee or other
- Practical hands-on experience with static in malware analysis
- Hands-on experience with malware anti-forensics, obfuscation, packing techniques
- Hands-on experience with malware Analysis - Miscellaneous dynamic & static analysis tools (IDA Pro, Ghidra, OllyDBG, WinHex, HexEdit, HexDump, PeSTudio, REMux, OLEDUMP)
- Hands-on experience with Custom Signature Creation - YARA
- Scripting/Programming experience - Python, Perl, C, C++, Go
- Highly desired industry certifications include Certified Forensics Computer Examiner (CFCE), Computer Hacking Forensic Investigator (CHFI), GIAC Certified Forensic Examiner (GCFE), Certified Computer Examiner (CCE)
- Relevant industry certifications such as Certified Ethical Hacker (CEH), GIAC Reverse Engineering Malware (GREM), Certified Reverse Engineering Analyst (CREA) etc
- Provide SOC Analyst Tier 3 escalation support
- Plan, initiate, and conduct investigations for cybersecurity incidents response efforts
- Perform forensic examinations on compromised systems
- Understand and use forensic tools and techniques for cybersecurity incidents
- Create forensic root cause and scope of impact analysis reports
- Contribute to technical briefings on the details of forensics exams and report
- Provide support in conducting malware analysis of attacker tools
- Stay current on incident response and digital forensics skills, best practices, and tools
- Train SOC analysts on usage of SIEM tools (Splunk), and basic event analysis
- Develop rules and tune SIEM and related tools to streamline the event analysis done by the SOC
- Assist developing new processes and procedures for SOC monitoring
- Monitor networks for threats from external and internal sources
- Analyze network traffic of compromised systems and networks
- Correlate actionable security events from various sources
- Review threat data and develop custom detection signatures
- Gather and analyze threat intelligence data and conduct threat hunting
- Understand cybersecurity attacks and tactics, techniques, and procedures (TTPs) associated with advanced threats
- Communicate clearly with Government counterparts, and SOC customers
