Cyber DFIR Engineer
Description:
Job Description
Cyber DFIR Engineer
Atlanta, Georgia
Zebulon, North Carolina
On-site
Description:
Become part of a team solving the most significant Cybersecurity & IT Challenges and helping keep the world’s largest and most elite brands safer from cyber threats. At Maverc we have a powerful mindset based on our core values of being accountable, helpful, adaptable, and focused. Maverc Technologies is a proven and effective small business partner and consultant, recognized as a leader in providing cyber security and IT services to the Federal, State, and local Government and within the Intelligence Community. Maverc Technologies is seeking a Cyber DFIR Engineer to support one of our State Agency customers.Experience:
Five years of experience in Cybersecurity or related work
Knowledge of
one or more cloud platforms and cloud security
general information technology (IT) and cybersecurity
computer networking concepts and protocols, and network security methodologies.
network traffic analysis and packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
operating systems, including Windows/Unix ports and services.
modern identity and access management concepts
phishing tactics and techniques
advanced cyber threats and vulnerabilities.
cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
adversarial tactics, techniques, and procedures
intrusion detection methodologies and techniques for detecting host and network-based intrusions.
incident response and handling methodologies.
countermeasures to address a variety of threats
around leveraging automation, ML, and/or AI
advanced threat hunting techniques
types of digital forensics data and how to recognize them.
types and collection of persistent data.
file system implementations (e.g., New Technology File System [NTFS], File Allocation Table [FAT], File Extension [EXT]).
which system files (e.g., log files, registry files, configuration files) contain relevant information and where to find those system files.
processes for seizing and preserving digital evidence.
Core expertise in Digital Forensics & Incident Response (DFIR), Threat Hunting and Incident Response (Tier 3 level)
Deep forensic analysis on endpoints
Understanding forensic artifacts on machines
Strong communication and organizational skills
Ability to clearly articulate technical knowledge
Must be concise and direct in responses
Team collaboration and openness to feedbackResponsibilities/Job Description:
NOTE: On-site Tuesday-Saturday with on-call responsibilities
The Cyber DFIR (Digital Forensics & Incident Response) Engineer on the advanced 24/7 Cyber Incident Response Team (CIRT) is responsible for effectively responding to cyber incidents within any technology environment leveraging digital evidence and forensic analysis techniques.
As DFIR professionals, individuals in this role demonstrate proficiency in log, code, cloud, identity, network, endpoint, memory, malware, and root cause analysis. The position will directly perform, facilitate, or consult on the entire cyber incident response.
Cyber DFIR Engineers must be able to operate and provide technical direction in structured and unstructured situations. This role will routinely setup and lead incident response calls and collaborate across various IT/Cyber functions.
Education: Bachelor's degree preferred
Certifications:
Industry certifications in general technology (e.g. Network+, AWS Certified Cloud Practitioner, Microsoft Azure Fundamentals, etc.)
Industry certifications in cyber security, such as: Security+, CySA+, GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Examiner (GCFE), GIAC Cloud Forensics Responder (GCFR), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensic Analyst (GNFA), GIAC Reverse Engineering Malware Certification (GREM), etc.
Experience in Cyber Breach Response, Security Operations Center (SOC), Network Operations Center (NOC), IT/Cyber Engineering, or Intelligence Community (IC)
Powered by JazzHR
qq6Dhwpf93
Full-time