Data Gathering Support Analyst

POSITION TITLE: Data Gathering Support Analyst

YEARS OF EXPERIENCE: 3+ Years

CLEARANCE: Top Secret/SCI

LOCATON: Hybrid - Camp Springs, MD: Two days/week onsite - every Wednesday as well as one other day per week of your choosing, or as requirements dictate

*****Please Note: Aretec, Inc. does not offer Corp - 2 - Corp (C2C) employment. *****

Aretec is seeking a Data Gathering Support Analyst to join our team in support of a large cyber security operations program with our federal client. The Data Gathering Support Analyst is responsible for the investigation of network traffic patterns and data captured in transit between computing devices in support of SOC operations, ensuring 24x7 availability. This position is hybrid onsite/remote, requiring 2 days per week onsite at our customer's location in Camp Springs, MD.

RESPONSIBILITIES:

• Perform digital forensic acquisitions, electronic evidence collections and forensic analysis.
• Identify, contain, and collect malicious code for Malware Analysis.
• Test, install, and maintain forensic tools and network between the forensic recovery of evidence (FRED) workstations.
• Follow processes and procedures in retrieving, recovering, and preserving electronic evidence.
• Analyze and recommend hardware and/or software tools that will assist in traffic and forensics analysis.
• Document incident investigations and case analysis in accordance with client policy.
• Utilize experience and knowledge of a wide variety of advanced digital technologies and theories to conduct analysis of submitted evidence.
• Work with other analysts in technical examinations, analyzing and reporting on computer-based evidence.
• Assist with conducting investigations into computer related events including intrusions, anomalies, misuse, and compliance issues. Map the network, perform vulnerability scanning and compromise assessment.
• Conduct research on emerging cyber threats, methods, processes, cyber warfare techniques and offensive capabilities.
• Assist the incident response process as the escalation point for matters requiring forensics support.
• Produce quality written work product presenting complex matters clearly and concisely.
• Ensures daily, monthly, and quarterly compliance requirements are met individually and by professional level staff within the timelines provided by Operations executive leadership.
• Performs other related duties as assigned.

REQUIRED SKILLS/QUALIFICATIONS:

• Must be a United States (U.S.) Citizen.
• Must reside within a commutable distance to our client's location in Camp Springs, MD in order to work onsite 2 days/week, which includes every Wednesday as well as one other day per week of your choosing, or as requirements dictate.
• Must be able to pass a comprehensive background check.
• Must be able to obtain an agency-specific suitability clearance prior to starting.
• 2+ years of experience with EnCase, FTK, AXIOM or other forensic tools.
• 3+ years of experience with FireEye, Microsoft ATA, Splunk, Exabeam, Stealthwatch, and Wireshark.
• Debugging and debugger experience using tools such as: OllyDbg, WinDbg, and Immunitydg.
• Disassembling/disassemblers experience using IDA Pro.
• Hands-on experience in reverse engineering, with an understanding of programming languages, different operating systems, and their concepts.
• Must have basic familiarity with the Linux/UNIX command-line, TCP/IP, and networking concepts and terminology.
• Willingness to travel to other client locations if/when needed.
• Excellent verbal and written communication skills.
• Excellent organizational skills and attention to detail.
• Strong analytical, critical thinking, and problem-solving skills.
• Able to work independently and with a group.
• Must have an impeccable work ethic, the ability to make sound decisions, and a commitment to integrity and accountability.
• Proficient with Microsoft Office Suite; specifically, Excel, Word, and Outlook a must.
• Hands-on experience with Adobe Pro a must.
• Excellent interpersonal, negotiation, and conflict resolution skills.
• Strong leadership skills.
• Ability to function well in a high-paced and at times stressful environment.
• Ability to prioritize tasks and to delegate them when appropriate.

EDUCATION: BA/BS

CERTIFICATIONS: Must have at least two of the following Digital forensics/incident response training and certifications or other comparable certification which must be approved in advance by the SecOps PM on a case-by-case basis

• SANS
• GIAC
  • (GCIA, GCFA, GCFE, GNFA, GCCC, and/or GREM)
• IACIS
  • (CFCE or CIFR)
• Guidance Software (EnCE)

Aretec has become aware of fraudulent behavior whereby individuals falsely present themselves as employees, affiliates agents, recruiters or representatives of Aretec Inc. and contact job seekers regarding an employment or investment opportunity. Such fraudsters are misusing similar domain names, email addresses, marks, and logos of the Aretec Inc. to deceive the general public.

Aretec Inc. or its brands will never ask prospective job seekers for any payment to access our employment services including attending interviews or to receive job offers. Aretec Inc. or its brands, also will never ask candidates to pay a fee to secure employment or in order to receive payment of their wages or salary. In addition, Aretec Inc. or its brands do not operate any websites or mobile applications which ask people to make investments, purchase products or pay any money to receive commission payments. Aretec Inc. shall not be liable for loss or damage suffered as a consequence of any participation by any persons in any such fraudulent and unauthorized schemes.

We urge you to be cautious when opening links or attachments from unknown third parties. Except for legitimate business purposes, Aretec Inc. does not send e-mails asking for sensitive information such as bank details or other personally identifiable information nor do we charge or accept any amounts of money. Therefore, do not send money at any time to anyone claiming to be from Aretec Inc. or its brands in relation to prospective employment, or to receive wages or salary, or commission earning investments, either directly or via a mobile application. Please check all email addresses allegedly from Aretec Inc. (@aretecinc.com).