Cyber Defense Incident Responder SME at ECS FEDERAL LLC in Huntsville, Alabama

Job Description:

ECS is seeking a
Cyber Defense Incident Responder (SME) to work in our
Huntsville, AL office.
Please note: This position is contingent upon contract award.

ECS is seeking a qualified Cyber Defense Incident Responder (SME) to support cybersecurity operations for the Federal Bureau of Investigation. You will provide leadership and cyber SME support for the Digital Forensics and Incident Response (DFIR) Team, playing a crucial role in the FBI's cybersecurity defense strategy.

The DFIR team is responsible for analyzing digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation. The team will meticulously gather and analyze extensive datasets to bridge informational gaps associated with cyber-attacks. This involves identifying perpetrators, understanding their intrusion methods, and meticulously documenting the precise sequence of actions that compromise system integrity.

Responsibilities

• 
  Assist in analyzing alerts, iden
  ti
  fying true posi
  ti
  ves, and priori
  ti
  zing incidents based on severity and impact.


• 
  Conduct forensic analysis on systems and networks to determine the scope and impact of security incidents.


• 
  Work with the watch floor to develop and refine incident response plans.


• 
  Analyze threat intelligence feeds, indicators of compromise (IOCs), and TTPs (Tac
  ti
  cs, Techniques, and Procedures) to iden
  ti
  fy and respond to emerging threats.


• 
  Conduct a thorough post-incident analysis to iden
  ti
  fy root causes and vulnerabili
  ties


• 
  Conduct regular joint training exercises and tabletop simula
  ti
  ons to help strengthen coordina
  tion.


• 
  Par
  ti
  cipate in red teaming exercises to simulate real-world attacks and iden
  ti
  fy areas for improvement.


• 
  Possess deep exper
  ti
  se in a variety of opera
  ti
  ng systems, including advanced knowledge of Windows, Linux, and macOS, enabling effec
  ti
  ve analysis and response across diverse technical environments.


• 
  Exhibit a profound understanding of intricate network protocols and technologies, facilita
  ti
  ng strategic assessments of complex network incidents and vulnerabili
  ties.


• 
  Highly skilled in advanced malware analysis techniques, capable of devising and execu
  ti
  ng targeted threat mi
  ti
  ga
  ti
  on strategies tailored to specific organiza
  ti
  onal needs.


• 
  Possess specialized knowledge in forensic imaging and data recovery techniques, employing innova
  ti
  ve methodologies to effec
  ti
  vely preserve and analyze digital evidence.


• 
  Possess comprehensive knowledge of advanced persistent threats (APTs), including strategic foresight regarding their tac
  ti
  cs, techniques, and procedures (TTPs) and corresponding countermeasures.


• 
  Demonstrate advanced proficiency in a range of digital forensics tools, such as EnCase and FTK, while evalua
  ti
  ng and implemen
  ti
  ng emerging technologies to enhance inves
  ti
  ga
  ti
  ve capabili
  ties.


• 
  Mentor and develop junior staff, enhancing the overall capabili
  ti
  es of the DFIR team and promo
  ti
  ng a culture of con
  ti
  nuous improvement and excellence.