Senior Cybersecurity SOC and Forensics Analyst Job at Tetrad Digital Integrity LLC, Port Hueneme, CA

RGtrejhWZGgrU05BU1RzbmUvR2ZpQlRUK3c9PQ==
  • Tetrad Digital Integrity LLC
  • Port Hueneme, CA

Job Description

Job Description

Job Description

Tetrad Digital Integrity (TDI) is a leading-edge cybersecurity firm with a mission to safeguard and protect our customers from increasing threats and vulnerabilities in this digital age.

TDI is looking for a Senior SOC and Forensics Analyst to join our team at Port Hueneme and be responsible for the analysis of all technology devices which may include Operational Technology (OT) and Industrial Control Systems (ICS) within the enterprise. This includes analytical analysis of device communication, forensic analysis of Windows or Linux systems and servers, timeline analysis of activity on these endpoints, user permission and authentication audits, log analysis, and malware identification/triage. Experience with system administration, Windows and Linux operating systems (OS) mechanics and filesystem structures, disk and memory forensics, commonly abused tools/vectors for persistence, privilege escalation, and lateral movement, operating system log analysis, and triaging suspicious file artifacts for unusual behavior, with respect to the environment they are found in.

Familiarity with what routine OS activities and common software/user behavior looks like in the context of forensic artifacts or timelines, as well as, common categories and formats of host-based indicators of compromise (IOCs) and how/where they can be leveraged to identify known-bad files/activity on an endpoint. Candidate will utilize the Cyber Kill Chain and define the entire attack life cycle along with creating detailed reports on how impacts may or have occurred. reviews and provide feedback to journeyman and junior analysts’ investigation and facilitate discussions on recommendations on improving SOC visibility, efficiency, and/or processes focus on identifying unusual files, scripts, configurations, and user activity based on bulk aggregation via an Endpoint Detection and Response (EDR) or triage tools, and coordinate forensics centric efforts with case management oversight.

 

Requires on-site work at least 3 times per week, possibly more based on contract needs.

 

RESPONSIBILITIES:
  • Support client leaders in establishing and managing a Security Operations Center (SOC) to provide a secure environment that facilitates incident response and threat hunting activities.
  • Provide oversight over more junior cyber analysts and assist client with prioritization and milestone tracking for efforts related to the SOC
  • Manage the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices
  • Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions
  • Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes to enhance SOC response and efficiency
  • Conduct comprehensive technical analyses of computer evidence, research and integrate new security tools into the SOC, and synthesize findings into reports for both technical and non-technical audiences
  • Preform forensic analysis of Windows and Linux clients and servers, other control operating systems, timeline analysis of activity on these endpoints, user permission and authentication audits, log analysis, and malware identification/triage.
QUALIFICATIONS:
  • 5 years of experience in security operations, demonstrating leadership in customer-facing roles
  • Active Top Secret security clearance
  • Deep understanding in host/network forensics software tool kits (e.g. MAGNET, EnCase, Sleuthkit, FTK)
  • Understand evidence handling processes and procedures specifically in DoD environments
  • Able to ensure completed collection of artifacts to provided best possible outcome of a case
  • Proficient in analyzing cyber-attacks, with a deep understanding of attack classifications, stages, system/application vulnerabilities, and compliance with Department of Defense (DoD) policies and procedures
  • Extensive knowledge of network topologies, protocols (e.g., TCP/IP, ICMP, DNS, SSH, SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center
  • Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE ATT&CK framework, with the ability to collaborate effectively across multiple locations
PREFERRED QUALIFICATIONS:
  • Knowledge of Operational Technology (OT) or Industrial Control Systems (ICS)
  • Strong analytical and troubleshooting skills
  • Proficient in forensics software tool kit (MAGNET)
  • Able to provide expert content development in Splunk Enterprise Security using tstats and data models
  • Understands how to utilize knowledge of latest threats and attack vectors to develop correlation rules for continuous monitoring on various security appliances
  • Experience in other tools and communication languages as applicable such as Nessus, Endgame, CrowdStrike, Gray Noise, Shodan, Bacnet, MODBus, SCADA systems, and PCAP
  • Review logs to determine if relevant data is present to accelerate against data models to work with existing use cases
  • Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), or relevant IT technology certification: 
  • OR DoD 8570 Cyber Security Service Provider (CSSP) or IAT Level II compliant, Certified First Responder (CFR), Computer Hacking Forensic Investigator (CHFI)
  • CompTIA Cyber Security Analyst (CySA+)
  • Global Information Assurance Certification (GIAC) Certifications
    • Network Forensic Analyst (GNFA)
    • Certified Intrusion Analyst (GCIA)
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. A reasonable estimate of the current range is $145,000-165,000.


 

TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States.

"TDI is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, genetics, gender identity or expression, national origin, protected veteran status or disability status, or any other characteristic protected by federal, state or local laws."

Powered by JazzHR

16jjewYUVd

Job Tags

Permanent employment, Contract work, Local area,

Similar Jobs

Sherman Associates

Catering Sales Manager Job at Sherman Associates

 ...The Hotel Zamora, a beautiful boutique hotel located in St. Pete Beach, FL is seeking an experienced Catering Sales Manager. The Hotel Zamora is under new ownership and management with Sherman Associates, an accomplished and proven real estate development and management... 

Southern Health Partners

LPN or RN Days Job at Southern Health Partners

 ...fundamental part of all great nursing programs. Come be a part of our team at:Location: Polk County Detention Center Open Position: PT LPN or RN Schedule: Every OtherSaturday & Sunday 10 hr Day shifts ***Could be every weekend for right candidate Duties include, but... 

WELLS FARGO BANK

Branch Manager Kayenta Chinle Tuba City Job at WELLS FARGO BANK

 ...About this role: Wells Fargo is seeking a Senior Branch Network Management Trainee (SAFE) for National Branch Network as part of the...  ...Box 279, Chinle, AZ 86503-1799~97 S Main St. PO Box 97, Tuba City AZ 86045 Required locations listed above. Relocation assistance... 

Tru by Hilton McKinney

Tru by Hilton, McKinney, Hotel Front Desk Agent Job at Tru by Hilton McKinney

 ...motivated individuals to join our Front Desk team here at the Tru by Hilton...  ...balance at the end of each shift Answers guest inquiries about area attractions, hotel services, directions or reservations...  ...May be required to work nights, weekends, and holidays. Will... 

Eleven Recruiting

Desktop Support Technician - SF Job at Eleven Recruiting

 ...Eleven Recruiting We are a specialized technology staffing agency supporting professional and financial services companies. Why do we stand...  ...client, an investment firm, is seeking an experienced Senior Desktop Support Technician to join their team in San Francisco,...