Cyber Incident/Forensics Analyst
Date posted 09/15/2016
Job ID#: 9832BR
Company: General Atomics
Job Title: Cyber Incident/Forensics Analyst
Job Category: Information Technology
City: San Diego
Regular/Temp: Regular Employee
Full-Time/Part-Time: Full-Time Salary
We recognize and appreciate the value and contributions of individuals with diverse backgrounds and experiences and welcome all qualified individuals to apply.
We have an exciting opportunity for a Cyber Incident/Forensics Analyst to join our Cyber Security Threat Analysis team in San Diego, CA.
With general supervision, this position is responsible for the investigation, analysis and corrective action of activities related to cyber incidents.
DUTIES AND RESPONSIBILITIES:
- Identifies vulnerabilities; participates in the development of recommendations for remediation.
- Identifies and collects intrusion data.
- Participates in the analysis of log files to identify and collect artifacts related to security incidents; analyzes malicious activity to determine weaknesses, methods of exploitation and effects on systems and information.
- Participates in the analysis of threat information from external sources.
- May participate in determining whether a security incident requires legal action.
- Maintains the strict confidentiality of sensitive information.
- Performs other duties as assigned.
- Responsible for observing all laws, regulations and other applicable obligations wherever and whenever business is conducted on behalf of the Company. Expected to work in a safe manner in accordance with established operating procedures and practices.
- Must be able to work in on-call rotation as needed.
- Incident response
- Exposure to firewalls, intrusion prevention systems and other various security applications (administering, troubleshooting)
- Malware (sandboxing platforms)
- Log Analysis
- Experience with any of the following tools: FTK, EnCase, Digital Forensics Tools, SIEM
- Typically requires a bachelor's degree in a related discipline and two or more years of progressive professional experience in cyber security or a related field. Equivalent professional experience may be substituted in lieu of education.
- Must demonstrate a general understanding of information technology, networking concepts, cyber security incident and forensics analysis principles, theories, concepts and techniques.
- Certifications preferred: GCFA, GCFE, GCIH, CEH
- Must have experience organizing, planning, scheduling, conducting, and managing work assignments to meet project milestones or established completion dates.
- Must possess the ability to understand new concepts quickly and apply them in an evolving environment while contributing to the development of new processes.
- Must be customer focused and possess: (1) the ability to identify issues, analyze data and develop solutions to a variety of technical problems; (2) good analytical, verbal and written communication skills to accurately document, report, and present findings; (3) good interpersonal skills enabling an effective interface with other professionals; and (4) good computer skills. Ability to work independently or in a team environment is essential as is the ability to work extended hours as required.