Cyber Network Defense Analyst III (Cybersecurity)

TL;DR

Cyber Network Defense Analyst III (Cybersecurity): Performing Tier 2 and Tier 3 incident response and proactive threat hunting for DHS’s Hunt and Incident Response Team (HIRT) with an accent on digital forensics and network traffic analysis. Focus on correlating forensic findings to network events, conducting forensic triage, and developing intrusion narratives.

Location: Sterling, VA / Arlington, VA. Must be a U.S. Citizen with active TS/SCI clearance

Company

hirify.global provides technically advanced cyber, data operations, systems integration, and intelligence mission support services to the U.S. government.

What you will do

• Perform Tier 2 and Tier 3 incident response and proactive threat hunting for the Nation's cyber infrastructure.
• Correlate forensic findings to network events to develop detailed intrusion narratives.
• Conduct forensic triage to determine the scope, urgency, and potential impact of breaches.
• Analyze network traffic and metadata to identify anomalous activity and potential threats.
• Author cyber investigative reports and document Computer Network Defense (CND) guidance.
• Utilize cyber defense tools for continuous monitoring and analysis of system activity.

Requirements

• U.S. Citizenship and active TS/SCI clearance required.
• Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability.
• 5+ years of direct experience in cyber defense analysis using industry-standard tools.
• Proficiency in creating forensically sound duplicates of evidence and authoring investigative reports.
• Experience with common operating systems, including Linux/Unix and Windows.
• BS in Computer Science, Cyber Security, Computer Engineering, or related degree (or equivalent experience).

Nice to have

• Understanding of SaaS, PaaS, and IaaS in cloud environments.
• Proficiency with EDR tools such as CrowdStrike, SentinelOne, Cortex, MS MDE, or Trellix.
• Experience with host forensics software (EnCase, FTK, X-Ways, Volatility, KAPE).
• Proficiency with WireShark, Splunk, and Elastic.
• Relevant certifications such as GCFE, GCFA, GCIH, GSEC, Security+, or AWS/Azure certifications.

Culture & Benefits

• Collaborative environment working alongside talented cybersecurity professionals.
• Opportunity to support highly impactful national security missions.
• Focus on innovation and solving complex problems within the intelligence community.