NANA Cyber Security Analyst - Forensic Malware Technician - TS/SCI required in San Antonio, Texas
Cyber Security Analyst - Forensic Malware Technician - TS/SCI required
RiverTech, an Akima Company, delivers mission support services in the areas of engineering, communications, training, operations and maintenance, intelligence, aviation, logistics, and space systems that protect and defend sea, land, air and space operations and their personnel. Providing the talent, tools, and technologies to ensure exceptional performance in today’s most demanding and strategically critical global environments. This is RiverTech. Our personnel enjoy competitive benefits packages and challenging roles in work environments committed to innovation, diversity and opportunity for career growth. As an Alaska Native Corporation (ANC), 100% of our company’s profits go back to our 14,300 Iñupiat shareholders that have resided near and above the Arctic Circle for more than 10,000 years. Our business helps support their way of life and contributes to the survival of a culture that has thrived in a challenging environment.
The ability of the 33 NWS to complete its mission is dependent upon accurate, timely and thorough conduct of network and computer forensics on suspected and confirmed compromised AF systems to determine the method of intrusion and corrective actions to be taken to prevent or detect similar future activities.
The successful candidate will document all findings in the investigation/incident log. Track evidence inventory for intake and releasing evidence items delivered to the forensics laboratory. This includes insuring proper handling and maintenance of evidence and chain of custody records. Apply best principles and practices in retrieving, recovering, and preserving digital evidence. Utilize leading forensic tools such as EnCase, FTK, CloudStrike, FireEye, and other systems as required.
Collaborate with leadership and external agencies, including Counter‐Intelligence activities/agencies, OSI, FBI, and other security agencies, to include Incident Responders, as well as other forensic analysts.
Provide AF OSI DCO technical support to law enforcement and counter‐ intelligence activities. The contractor shall continue to conduct base network defense while AF OSI collects network evidence.
Turn any investigation over to AF OSI if it is determined during the course of an investigation a law was broken.
Be prepared to support and/or augment Incident Response deployment with same day notice. This travel will allow responders to support the retrieval of hard drives or miscellaneous storage media, isolate system(s) for additional investigation, and performing other on‐site Incident Response actions. In addition, the contractor shall be required to set up a monitor or “cage” at the on‐site location.
Provide OJT to other contractors, military, and/or civilian personnel, and maintain continuity folders/working aids in order to ensure efficient transition when personnel rotate.
Create and document metrics for reporting and analysis to improve weapon system processes and mission execution.
2‐3 years experience using various forensic imaging tools (ie. dd, EnCase, FTK Imager). Experience using various cellphone forensic tools such as Cellebrite or XRY.
3 years experience as an Incident Handler, proficient in incident response workflows and methodologies.
Prior/ previous hands on experience with the following: Splunk/ELK, Malware sandboxing, Intrusion detection systems and Endpoint technologies.
Proficient w/ Forensic Analysis, security tools such as security tools such as NMAP, Nessus, TCPDump, Wireshark, Netcat, Backtrack, Encase, Helix, FTK. Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects).
The duties and responsibilities listed in this job description generally cover the nature and level of work being performed by individuals assigned to this position. This is not intended to be a complete list of all duties, responsibilities, and skills required. Subject to the terms of an applicable collective bargaining agreement, the company management reserves the right to modify, add, or remove duties and to assign other duties as may be necessary. We wish to thank all applicants for their interest and effort in applying for the position; however, only candidates selected for interviews will be contacted.
We are an equal opportunity employer. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law.
We are committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. If you have a physical and/or mental disability and are interested in applying for employment and need special accommodations to use our website to apply for a position please contact, Recruiting Services at email@example.com or 571-353-7053. Reasonable accommodation requests are considered on a case-by-case basis.
The dedicated email and telephonic options above are reserved only for individuals with disabilities needing accessibility assistance to apply to an open position using our website.
Please do not use the dedicated email or phone number above to inquire on the status of your job application.
In order for our company to stay compliant with government regulations, please apply on line. Please DO NOT email resumes or call in lieu of applying online unless you have a physical and/or mental disability and need assistance with the online application.
Job: Information Technology
Primary Location: US-TX-San Antonio
Shift: Day Job
Req ID: RIV01297