Jobs

    Incident Response Analyst - Washington, United States - Computer World Services

    Computer World Services
    Computer World Services Washington, United States

    3 weeks ago

    Default job background
    Description

    Job Description

    The mission of the OFR is to support the Financial Stability Oversight Council (FSOC) in promoting financial stability by: collecting data on behalf of FSOC; providing such data to FSOC and member agencies; standardizing the types and formats of data reported and collected; performing applied research and essential long-term research; developing tools for risk measurement and monitoring; performing other related services; making the results of the activities of the OFR available to financial regulatory agencies; and assisting such member agencies in determining the types of formats of data authorized to be collected by such member agencies.

    The Incident Response Analyst is an on-call role providing day-to-day incident response across the OFRAE and JADE networks. This includes investigating alerts from the SOC, third party notifications, and other security tools; working with Enterprise System owners to remediate immediate threats and incidents; knowledge capture and investigation tracking documentation to maintain knowledge on the team; monitor and notify of security tool outages and issues; participate in process enhancements through after-action reports, tabletop exercises, and peer consulting as needed.

    The role will advise and build automations and complex playbooks to further grow the response capability of the team. This is a highly technical role that requires a solid understanding of incident response and security practices. As part of a growing team this role will have the ability to leverage and work with new capabilities as they are deployed including deception infrastructure, continuous penetration testing, data loss prevention (DLP), and machine learning capabilities. The analyst should have experience in ticketing workflow, EDR and endpoint data investigations, network pcap and netflow investigation, and other security tool alerting workflow and pivoting. This role is expected to contribute to maturing the overall IR and security capability through experience and recommendations at every level of security.

    A successful candidate should also have an area of expertise in at least one blue team capability be it CTI, forensics, malware, etc.

    Key Tasks and Responsibilities

    • Assess cybersecurity incidents to investigate, validate, respond, and recover the environment, and perform additional activities such as root cause analysis and resilience recommendations. Serve as the primary escalation point for the SOC in the event of an incident.
    • Communicate and coordinate with internal and external teams during incidents and breaches.
    • Design, implement, and document IR processes, procedures, playbooks, and guidelines.
    • Participate in breach and attack simulation and purple teaming exercises to stress test the incident response plans and playbooks.
    • Compose and deliver executive-level reports, presentations, and postmortems for key stakeholders.
    • Provide relevant, strategic recommendations to help improve the security posture of an organization during and after an incident.
    • Analyze emerging threats to improve and maintain the detection and response capabilities of the organization.
    • EDR/IDS/IPS
    • NDR/Network
    • Identity Provider (IdP) authentication policies
    • Email defense platforms
    • Integration of threat intelligence feeds with security policy enforcement points
    • SIEM and XDR detections
    • Security orchestration, automation, and response (SOAR) playbook development
    • Apply knowledge of monitoring, analyzing, detecting, and responding to cyber events to develop clever, efficient methods and technology to detect all types of threat.
    • Document specifications, playbooks, and detections - not as an afterthought, but through the whole process.
    • Work with developers to build security automation workflows, enrichments, and mitigations.
    • Evaluate policies and procedures and recommend updates to management as appropriate.
    Education & Experience
    • Bachelors degree or equivalent practical experience in incident response, computer science, cybersecurity, information technology, software engineering, information systems, or computer engineering
    • Four or more years in an incident response role required.
    • Malware analysis, digital forensics, data/network analysis, penetration testing, information assurance, leading incident handling preferred.
    • Programming and scripting languages, preferably Python and PowerShell.
    • Scripting and automation for use in SOAR is a plus.
    • Strong written and verbal communication skills; must be able to effectively communicate to all levels of staff up to executive-level management, customers (internal and external), and vendors.
    • Deep understanding of computer systems and concepts, including operating systems, computer networking, cloud computing.
    • Continually updated understanding of and ability to recognize and categorize types of vulnerabilities, exploits, and associated attacks.
    • Continually updated understanding of and ability to identify, capture, contain, and report malware.
    • Ability to preserve evidence integrity in keeping with standard operating procedures and/or national standards.
    • Motivation to continually improve the incident response program and associated policies and procedures.
    • Identification of opportunities to improve collaboration and communication with internal and external stakeholders to mitigate incidents and follow protocols.
    • On-Call nights and weekends based on response SLA requirements.
    • Curiosity and tenacity as related to forensic investigations and threat hunting.
    • Ability to work effectively under pressure; previous experience as an emergency medical responder, firefighter, or related high-pressure environment preferred but not required.
    • Willingness and experience in supporting people from a variety of backgrounds and areas across the organization.
    • Common attacker types and motivations (e.g., nation-state sponsored, ransomware gang, script kiddie, insider threat, etc.)
    • Familiar with and have worked within security frameworks such as: NIST SP 800-61, Attack lifecycle, SANS Security Controls, MITRE ATT&CK, Kill chain, OWASP Top 10
    • SANS Security 500 Series or other industry standard equivalent recommended but not required.
    Certifications
    • Preference given for CCE, CCFE, CEH, CPT, CREA, GCFE, GCFA, GCIH, GCIA GIAC, Splunk Core, OSCP, SANS Security 500 Series or other industry standard equivalent
    Security Clearance
    • Public Trust
    • Must be a U.S. Citizen
    Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.)
    • This is a remote/work from home role
    Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.

    Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Aaron McClellan in Human Resources at or
  • Edgewater Federal Solutions

    Incident Response Analyst

    1 week ago

    Edgewater Federal Solutions Washington, United States

    Overview · Edgewater Federal Solutions is currently seeking a Mid-Level Incident Response Analyst to provide advanced Incident Response expertise and support to maximize cyber fusion throughout the Client's SOC, ensuring the Client's infrastructure and operations remain safe and ...

  • Sikich

    Incident Response Analyst

    1 week ago

    Sikich Washington, United States

    · Incident Response Analyst (II) · What to expect when you join the Sikich family · Team members at Sikich have a lot in common while also being part of a rich and diverse group of contributors, creating a distinct and thriving culture. Chief among our commonalities are a desir ...

  • Sikich

    Incident Response Analyst

    6 days ago

    Sikich Washington, United States

    Incident Response Analyst (Active Secret Clearance) · Incident Response Analyst (II) · What to expect when you join the Sikich family · Team members at Sikich have a lot in common while also being part of a rich and diverse group of contributors, creating a distinct and thrivin ...

  • Computer World Services

    Incident Response Analyst

    6 days ago

    Computer World Services Washington, United States

    · Job Description · The mission of the OFR is to support the Financial Stability Oversight Council (FSOC) in promoting financial stability by: collecting data on behalf of FSOC; providing such data to FSOC and member agencies; standardizing the types and formats of data reporte ...

  • Meta Inc

    Incident Response Team Analyst, NORAM

    1 day ago

    Meta Inc Washington, United States

    Summary: · Meta is seeking a motivated, highly-organized, detail-oriented candidate to join our Law Enforcement Incident Response Team. The right candidate must have a strong work ethic, excellent judgment, and exceptional partnering skills. · Required Skills: · Incident Response ...

  • Edgewater Federal Solutions

    Senior Incident Response Analyst

    1 week ago

    Edgewater Federal Solutions Washington, United States

    Overview: · Position Overview: · Edgewater Federal Solutions is currently seeking a Senior Incident Response Analyst to provide advanced Incident Response expertise and support to maximize cyber fusion throughout the Clients SOC, ensuring the Clients infrastructure and operations ...

  • MindPoint Group

    Digital Forensics Incident Response Analyst

    3 weeks ago

    MindPoint Group Washington, United States

    Career Opportunities with MindPoint Group · A great place to work. · Current job opportunities are posted here as they become available. · Digital Forensics Incident Response Analyst - Clearance Required · Since 2009, MindPoint Group has been the cybersecurity firm of choice for ...

  • Booz Allen Hamilton

    Responsible AI Operations Research Analyst

    1 week ago

    Booz Allen Hamilton Washington, United States

    Do you love solving problems? Are you passionate about making Responsible AI more practical and actionable? On our Responsible AI team, youll work to bring AI Ethics research and Governance to life as a Responsible AI ambassador. You will help to im Research Analyst, Operations, ...

  • Meta Inc

    Incident Response Team Analyst, NORAM

    6 days ago

    Meta Inc Washington, United States

    Summary: · Meta is seeking a motivated, highly-organized, detail-oriented candidate to join our Law Enforcement Incident Response Team. The right candidate must have a strong work ethic, excellent judgment, and exceptional partnering skills. · Required Skills: · Incident Respo ...

  • Booz Allen Hamilton

    Digital Forensic Incident Response Analyst

    3 weeks ago

    Booz Allen Hamilton Washington, United States

    Job Number: R · Digital Forensic Incident Response Analyst · Key Role: · Collect, analyze, and present digital evidence in support of computer investigations. Apply basic principles, theories, and concepts and limited industry knowledge. Solve routine problems of limited scope ...

  • Booz Allen Hamilton

    Responsible AI Operations Research Analyst

    3 days ago

    Booz Allen Hamilton Washington, United States

    Responsible AI Operations Research Analyst · The Opportunity: · Do you love solving problems? Are you passionate about making Responsible AI more practical and actionable? · On our Responsible AI team, you'll work to bring AI Ethics research and Governance to life as a Respons ...

  • OMW Consulting

    Cyber Incident response analyst with Security Clearance

    1 week ago

    OMW Consulting Washington, United States

    Cyber Incident Response Analyst Washington, DC - On site TS Clearance - SCI eligible $140k-$150k I am partnered with a leading Cyber security consultancy who is looking to hire a Cyber Incident Response Analyst to be based on site in DC for a federal customer. To be considered fo ...

  • Madison Associates, Inc.

    Investigative Analyst/Fraud Investigator

    4 weeks ago

    Madison Associates, Inc. Washington, United States

    Madison Associates Inc. (MAI) is seeking qualified candidates for an Investigative Analyst/Fraud Investigator position in the Metro Washington DC area. This position includes onsite and telework opportunities. · Madison Associates Inc. is a law enforcement consulting firm which ...

  • INFOLOB

    Oracle ERP Requirements

    1 week ago

    INFOLOB Washington, United States

    Position: Senior Oracle ERP FS - Project and Grants · Location Washington, DC (Onsite Day 1) · Duration: Long Term · Rate: $Open per Hour · Duties and Responsibilities: · The business system analyst is responsible for solving business problems, business architecture, process op ...

  • HRUCKUS

    Senior Business Analyst

    6 days ago

    HRUCKUS Washington, United States

    Veteran Firm Seeking a Sr. Business Analyst for an Onsite Assignment in Washington, DC · My name is Stephen Hrutka. I lead a Veteran-owned consulting firm in Washington, DC, focused on strategic sourcing, supply chain management, and IT Staffing. · We want to fill a Sr. Business ...

  • Northmarq

    Multifamily Production Analyst

    3 weeks ago

    Northmarq Washington, United States

    Agency Production Management Analyst II - Commercial Real Estate Finance · Northmarq – Washington, DC (13th St NW) *on-site position · At Northmarq, you can be part of something special. Northmarq is a unique capital markets resource for commercial real estate investors, providin ...

  • TechInsights

    Associate Market Research Analyst

    2 weeks ago

    TechInsights Washington, United States

    OUR STORY · TechInsights is the information platform for the semiconductor industry. · Regarded as the most trusted source of actionable, in-depth intelligence related to semiconductor innovation and surrounding markets, TechInsights' content informs decision makers and professio ...

  • Bent Ear Solutions LLC

    Intelligence Analyst

    1 week ago

    Bent Ear Solutions LLC Washington, United States

    Bent Ear Solutions (BES) is focused on helping public safety organizations deploy, implement, and operationalize emerging technologies in order to help them save lives and protect property. We are looking for versatile, passionate employees who care deeply about the public safety ...

  • Serigor Inc

    Business Systems Analyst Senior

    3 weeks ago

    Serigor Inc Washington, United States

    Job Title: Business Systems Analyst Senior (Onsite) · Location: Washington, DC · Duration:12 Months+ · Short Description: · 11-15 years of experience. Business Analyst with proven professional experience in capture, verify and manage requirements and requirements traceability in ...

  • Tiber Hudson LLC

    Financial Analyst/Paralegal

    4 weeks ago

    Tiber Hudson LLC Washington, United States

    Financial Analyst/Paralegal · Top Washington, D.C. law firm specializing in municipal securities and affordable housing law seeks full-time financial analyst/paralegal with college degree with an emphasis in the mathematical/financial field demonstrating superior academic perform ...