Senior Incident Response Analyst

Position Overview:

Edgewater Federal Solutions is currently seeking a Senior Incident Response Analyst to provide advanced Incident Response expertise and support to maximize cyber fusion throughout the Client’s SOC, ensuring the Client’s infrastructure and operations remain safe and secure from the full spectrum of cyber threats. The Senior Incident Response Analyst will directly support Client SOC teams by providing industry-leading incident response and forensics support to ongoing and significant incidents. Additionally, the Senior Incident Response Analyst must be skilled in related disciplines including threat hunting, forensics, and malware analysis, and be able to integrate these skills to assist in the closure of cybersecurity incidents. The Senior Incident Response Analyst will serve as a senior technical member of the Client’s SOC and will be relied upon to address and remediate the most technical aspects of cybersecurity incidents that arise. This is a full-time position located in Washington, D.C. that will be onsite Mondays through Thursdays and remote on Fridays.

Responsibilities include:

• Lead one or more functional security teams and support the development of staff schedules and staffing forecasts.
• Ensure shift members follow appropriate incident escalation and reporting procedures.
• Provide prompt and efficient support through front-line telephone and email communication.
• Contribute to generating responses to crisis or urgent situations to mitigate immediate and potential threats.
• Accept and respond to government technical requests through the Client’s ticketing system for advanced subject matter expert technical investigative support.
• Create duplicates of evidence using Client supplied procedures and tools to ensure the original evidence remains unaltered.
• Analyze forensic artifacts of various operating systems to identify intrusion elements and root causes.
• Perform live forensic analysis based on SIEM data and perform filesystem timeline analysis for inclusion in forensic reports.
• Extract deleted data using data carving techniques and collect and analyze data from compromised systems using EDR agents and custom scripts.
• Perform static and dynamic malware analysis to discover indicators of compromise and analyze memory images using Judiciary tools.
• Write comprehensive forensic reports and malware analysis reports.
• Support the development of Deliverables including Incident Reports, Image Duplications, Deleted Files, Forensics Reports, and Malware Analysis Reports

Requirements:

• • Minimum of 7 years of related experience in incident response or cybersecurity.
  • Experience with IT Service Management ticketing systems (HEAT or ServiceNow preferred).
  • Familiarity with Security Information and Event Management (SIEM) systems.
  • Expert knowledge of Splunk ES and strong familiarity with Splunk SOAR.
  • Experience with Endpoint Detection and Response (EDR) agents such as Crowdstrike.
  • Knowledge of Agile Scrum project management methodology.
  • Strong understanding of cloud-based and non-cloud-based applications such as Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Cloud Access Security Brokers.
  • Proficiency in using forensic tools and methodologies, including SIEM, Splunk, and Volatility.
  • Excellent written and verbal communication skills with the ability to write detailed forensic and malware analysis reports.
  • Must possess at least ONE (NOT all) of the stated certifications:
  • GCIA certification
  • GCIH certification
  • GSEC certification
  • GMON certification
  • Security+ certification
  • Certified Splunk Core Power User
  • Bachelor’s degree in computer science, information technology, cybersecurity, or related field.
  • For badging purposes, US citizenship is required.

About Us:

Edgewater Federal Solutions is a privately held government contracting firm located in Frederick, MD.  The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services and timely delivery. Edgewater Federal Solutions is ISO 9001, 20000-1, 270001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named in the Top Workplaces in the Greater Washington Area Small Companies for 2018 through 2022.

It has been and continues to be the policy of Edgewater Federal Solutions to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, and/or other statuses protected by applicable law.status protected by applicable law. #LI-SW1