Full Time Employee Contractor
Assists in providing computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments. Assists in conducting vulnerability assessments/penetration tests of information systems. Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption. Assists in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions.
• Documentation of all event investigation activities, incoming requests for information, or suspected incident reports as required to support law enforcement records, case disposition, and audit review;
• Near real-time notification and escalation of security events to initiate containment activities;
• For security event notification, include security recommendation, technical guidance, and coordination for the overall approach for the containment and eradication of the security event;
• Development and maintenance of the CSIRT Wiki;
• Development and maintenance of the CSIRT Standard Operating Procedures (SOPs), which define standard processes for activities such as analysis, reporting, and incident response;
• Collaboration with US-CERT and other sources to stay abreast of threats, take proactive action, and communicate threats and mitigations with stakeholders;
• Staff the CSIRT at all times to manage technical aspects of network attacks and associated incident response and coordination.
To apply for this job, contact: