Principal Cloud Security, Digital Forensics, and Incident Response Analyst (Principal Cyber Security Analyst) jobs in United States

Nevada National Security Sites · 2 months ago

Principal Cloud Security, Digital Forensics, and Incident Response Analyst (Principal Cyber Security Analyst)

Mission Support and Test Services, LLC (MSTS) operates the Nevada National Security Site, focusing on national security and incident response capabilities. They are seeking a Principal Cloud Security, Digital Forensics, and Incident Response Analyst to implement and monitor security measures for their cloud infrastructure and respond to security incidents.

Government Administration
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Identify and analyze potential cloud-based threats, monitor cloud environments, and respond to security incidents
Monitor intrusion detection/prevention systems (IDS/IPS), Security Information and Event Management (SIEM) tools, endpoint security tools, email gateways, firewalls, network infrastructure, and other appliances for security issues
Create logical and physical forensic images of digital evidence via the network or directly from hosts
Analyze host-based indicators of compromise or network traffic and analyze additional log, forensic, malware, or other incident response related data as needed
Participate as part of an incident response team to detect, respond to, contain, and remediate cyber-related threats against IT assets
Seize digital evidence in support of investigations and conduct host-based and network-based forensic analysis of digital evidence
Create detailed reports of investigative activity for consumption by internal and external organizations that include Human Resources, the Legal Department, Information Security Officers, and local, state, and federal law enforcement
Conduct digital investigations involving breaches of Information Technology (IT) infrastructure, forensic investigations, legal and privacy issues requiring digital investigations, and network forensic investigations handling large scale, complex post-incident investigations, where techniques such as network forensics, malware reverse engineering, log analysis, timeline creation, and host-based forensics have been applied
Have a deep understanding of high-tech investigations, skills, techniques, and tools necessary for conducting live forensics on critical systems and being able to produce detailed analysis of the root cause of any incidents
Conduct detailed analysis of systems where breaches of critical IT infrastructure may have occurred; provide root cause analysis, impact assessments, and rapid response to aid detection of those responsible; and make recommendations to assist in preventing similar incidents
Conduct reverse engineering of malware and other suspicious code and report the findings
Focus on projects of substantial complexity and broad scope, requiring interdisciplinary coordination
Leverage practical experience to independently perform host-based forensic investigations to establish user activity on systems
Independently plan, schedule, and direct projects that are guided by established objectives, budgets, and schedules
Assist in researching, compiling, and analyzing technical data
Be relied upon to multitask as required between responsibilities
Review Cyber Security threat information and assist with mitigating vulnerabilities identified
Develop standards, practices, and procedures as well as increase technical knowledge to solve problems and complete projects
Contribute to an overall productive and respectful work environment by providing excellent customer service and working in a positive, collegial manner by maintaining cooperative and respectful working relationships with Cyber Security Staff, other divisions, and customers
Perform related duties as assigned

Qualification

Cloud Security, Digital Forensics, Incident Response, Azure, AWS, Oracle OCI, CNAPP, CSPM, CASB, Network Forensics, Malware Reverse Engineering, File System Forensics, Cyber Security Vulnerabilities, Forensic Analysis, Customer Service, Communication Skills, Team Collaboration, Problem Solving, Attention to Detail

Required

Bachelor's degree or equivalent training and experience in a computer-related field and at least 8 years of related experience
Ability to conduct investigations on multiple cloud platforms (SaaS, PaaS, IaaS)
Strong knowledge of Azure, AWS, and Oracle OCI
Ability to configure, use, and tune cloud-native security tools such as CNAPP, CSPM, and CASB
Demonstrate a thorough understanding of advanced principles, theories, standards, practices, protocols, forensic hardware and software, and procedures used in Digital Forensics/Incident Response
Understanding of the Windows Operating System and command line tools, network protocols, and TCP/IP fundamentals
Understanding of the Mac Operating System and command line tools
Understanding of *nix operating systems and command line tools
Ability to conduct forensic analysis of mobile devices including Android, iOS, Blackberry, and other cellular and tablet devices
Understanding of file system forensics including HFS, NTFS, FAT, EXT, and CDFS
Ability to conduct forensic analysis of Windows XP, Vista, 7, 8, 10, and 11 file systems, Mac OS X, and various *nix platforms
Knowledge of Cyber Security vulnerabilities, mitigation strategies, network architecture, and how to apply security controls
Ability to articulate highly technical processes and information to a non-technical audience
Ability to render credible testimony in a court of law
Experience with working with a broad variety of computer forensic hardware and software (preferably familiar with EnCase, FTK, and other forensic suites) and incident investigation tools and techniques
Ability to investigate large-scale data compromise events to mitigate their risk, and to investigate insider threats and incidents
Knowledge of computer forensic best practices and industry standard methodologies for responding to network threats
Ability to conduct online investigations and gather intelligence
Ability to understand policies, procedures, laws, regulations, and other directives
Ability to maintain strict confidentiality
Ability to communicate effectively in English, both verbally and in writing, sufficiently to communicate with co-workers and customers and to write clear and concise reports
Ability to use multiple electronic devices including standard office machines, cellular phones, and security appliances
Ability to meet the physical requirements necessary to safely and effectively perform all assigned duties
Ability to pass a federal background check and obtain a “Q” Clearance

Preferred

AccessData Certified Examiner (ACE)
Certified Forensic Computer Examiner (CFCE)
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Analyst (GCFA)
Certified Electronic Evidence Collection Specialist (CEECS)
GIAC Cloud Forensics Responder (GCFR)
GIAC Cloud Penetration Tester (GCPN)
GIAC Cloud Threat Detection (GCTD)
Certified Computer Examiner (CCE)
EnCase Certified Examiner (EnCE)
GIAC Security Essentials (GSEC)
Certified Information Systems Security Professional (CISSP)

Benefits

Medical, dental, and vision
Both a pension and a 401k
Paid time off and 96 hours of paid holidays
Relocation (if located more than 75 miles from work location)
Tuition assistance and reimbursement

Company

Nevada National Security Sites

The Nevada National Security Sites help ensure the security of the United States and its allies by: supporting the stewardship of the nation’s nuclear deterrent; providing nuclear and radiological emergency response capabilities and training; contributing to key nonproliferation and arms control initiatives; executing national-level experiments in support of the National Laboratories; working with national security customers and other federal agencies on important national security activities; and providing long-term environmental stewardship of the NNSS’s Cold War legacy.

Funding

Current Stage
Late Stage

Leadership Team

Melissa Biernacinski
Action Officer, Government/Customer Relations and Strategic Partnerships