ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public sector customers who demand experience and proven security models to protect their data. We is seeking a Senior Mobile Forensics Analyst who is a motivated individual with strong technical competency that will research and implement detection measures using data from a wide spectrum of sources.  The candidate will also perform opportunistic threat hunting and forensic analysis when required during incidents for a customer in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

 

Roles and Responsibilities

  • Use Network and Host Based data to drive detection, monitoring, and response capabilities
  • Create detection analytics based off the MITRE ATT&CK Framework and other security frameworks
  • Perform unique research on adversarial Tools, Techniques, and Procedures (TTPs)
  • Aid the Ops Watch team in response to incidents by analyzing host behavior and network traffic
  • Authorized to view audit records on Central Log Server
  • Authorized to view alerts of IDS/IPS
  • Authorized to modify auditable events on Central Log Server
  • Overtime may be required as needed to support incident response actions (Surge)

Required Skills

  • Experience, breadth and depth of knowledge on customer mobile devices across the enterprise, whether attached to the network though network or controlled interface connection or as stand-alone devices
  • Perform advanced forensic analysis of suspected mobile system malicious activity
  • Perform advanced network threat hunting to detect malicious or suspicious behavior on Agency on-premises and cloud-based networks
  • Respond to incident response events by providing comprehensive findings and recommended remediation steps
  • Conduct packet-level traffic analysis detect anomalies, trends, and patterns
  • Create, troubleshoot, configure and operate complex Scripting solutions with the ability to output the results in a variety of formats and to repurpose the results for reports targeting different technical levels
  • Implement and use cyber security frameworks including MITRE ATT&CK
  • Provide advanced forensic analysis through testing of mobile devices and policies
  • Familiarity with iOS or Android operating systems
  • Knowledge with digital exploitation and skills such as computer forensics, Document and Media Exploitation (DOMEX), reverse engineering, and malware analysis
  • Experience designing, implementing and documenting computer forensics services to include evidence seizure, computer forensic analysis and data recovery
  • Skill with malicious code reverse engineering to isolate, review, analyze, and reverse-engineer potentially malicious programs recovered from compromised mobile devices

Desired Skills

  • Researching of new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits.
  • An in-depth understanding of computer forensic and cyber security principles including intrusion response and network monitoring
  • Ability to understand hardware configuration and network/data communications, software development and scripting, and database technology and database exploitation/forensics
  • Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework Experience with forensic processes and procedures (chain of custody, computer acquisition techniques, and memory acquisition techniques)
  • Determination of wrong doing facilitated by IT systems or mobile devices
  • Mitigation for insider threat and disgruntled employee data loss
  • Malicious code scans – before and after overseas travel
  • Hard drive forensics
  • Intellectual property theft
  • Misuse and abuse cases (ie, viewing adult content, timecard fraud, etc.)
  • Recovery of files (maliciously deleted or accidental)
  • Misuse of computer equipment (USB, phones)
  • Demonstrated ability to document processes
  • Experience with RSA Netwitness, Splunk, FireEye NX, EX, HX, AX, Carbon Black Response, RSA Archer
  • Experience utilizing commercial imaging tools such as Cellebrite and XRY
  • Reverse engineering or application tear-down experience
  • Compiles and maintains internal standard operating procedure (SOP) documentation.
  • Participates in program reviews, product evaluations, and onsite certification evaluations
  • The ability to solve problems independently

Education Requirement

  • Bachelors in Cybersecurity, Computer Science/Electrical Engineering, Engineering or IT

Years of Experience Requirement

  • 5 Years of Cybersecurity experience with concentration in mobile forensics and Incident Response, and or practical experience performing mobile forensics

Desired Certification(s) 

  • Certified Cyber Forensics Professional (CCFP)
  • Certified Computer Forensics Examiner (CCFE) from IACRB
  • Certified Forensic Computer Examiner (CFCE) from IACIS
  • EnCase Certified Examiner (EnCE)
  • AccessData Certified Examiner (ACE)
  • GIAC Advanced Smartphone Forensics Certification (GASF)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Forensic Examiner (GCFE)
  • GIAC Network Forensic Analyst (GNFA)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Reverse Engineering Malware (GREM)
  • Computer Hacking Forensic Investigator (CHFI)
  • Certified Computer Examiner (CCE)

Location

  • Washington, D.C

Security Clearance

  • Top Secret with SCI Eligibility

Sound like the job for you?

Send us a link to your resumé or portfolio to become part of our talent pool.

Click here to apply

Warning: Invalid argument supplied for foreach() in /var/www/wp-includes/class-wp-list-util.php on line 157