Computer Forensic and Intrusion Analyst (Senior) 486

Longeviti LLC is searching for a Computer Forensic and Intrusion Analyst (Senior). Longeviti is a government contractor specializing in providing professional support services in fields of information technology, program management, agency administration, intelligence analysis, language translation, culture immersion, and serving as opposing forces/role players. We are a certified 8(a) and small disadvantaged business that excels in the market having earned our status as an ISO 9001 certified provider of services and are rated as CMMI Level 3 in both Development and Services. Quality and continuous improvement are basic tenets of the organization and giving our staff the tools to make it happen are a trademark. Customer satisfaction is paramount.

• Must
  have an active Secret security clearance. Only candidates with a current Secret clearance will be considered.
• Due to federal security clearance requirements, applicant must be a United States Citizen.

• Author strategic and tactical cyber threat reports that detail threats to the Defense Industrial Base for DIB and US Government partner consumption
• Candidates should have a strong background tracking Advanced Persistent Threat (APT) activity and associated Tactics, Techniques and Procedures (TTPs) that threaten data and information systems
• Products ultimately contribute to network defense and cyber threat awareness

• Experienced in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection
• Experience with Domain Name Service records
• Experienced with Cyber Threat Intelligence principles to include indicators of compromise (IOC) types, indicator pivoting and indicator attribution strength
• Experience with intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity
• Experience with confidence-based assessments for purposes of attribution based on their technical analysis of network traffic, multi-source data, malware, and system forensic analysis
• Experienced presenting technical information and analysis to groups up to 50 persons on a quarterly basis and experience briefing smaller groups up to 10 persons on a weekly basis

• Minimum of five years of experience tracking and profiling APT groups
• Comprehensive understanding of APT TTPs and indicators of compromise (IOC)
• A working understanding of cyber threat intelligence platforms to collect and correlate cyber threat information
• Deep understanding of operating systems: file structures, processes, services, and application execution
• Understanding of malware functionality, static and dynamic analysis, and ability to identify IOCs, attributes and understanding of signatures
• Experience writing detailed threat reports, based on own analytic initiative, and using multi-source intelligence and narrative analysis, which lead to a supported conclusion
• Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model and MITRE ATT&CK
• Experience performing focused research and analysis to write complete, accurate, relevant, and timely cyber threat intelligence reports to support network defense
• Ability to create and present compelling briefings to relay relevant cyber threat information to technical and non-technical audiences
• Flexibility to adapt to changing priorities and tight timelines
• Experience with basic usage of scripting languages such as Python, Powershell, Bash for automation and data analysis
• Two to four years SOC experience
• Several years of IC experience
• Expertise with VirusTotal Intelligence, DomainTools Iris
• Industry certifications; CEH, GCTI, GOSI, OSCP, GCED, GDAT, GDSA, GRID, GEVA, GPEN, GXPN
• Ability to develop Yara or Snort signatures

• Possesses and applies a comprehensive knowledge across key tasks and high impact assignments. Plans and leads major technology assignments. Evaluates performance results and recommends major changes affecting short-term project growth and success. Functions as a technical expert across multiple project assignments. May supervise others.

• Bachelor’s degree from an accredited college in a related discipline, or equivalent experience/combined education, with 5 years of professional experience; or 3 years of professional experience with a related Master’s degree.