IT Security Incident Response Analyst

DB Consulting Group, Inc. - Cleveland, OH

30+ days ago
Essential Duties & Responsibilities:
DB is seeking a qualified candidate to partner with team members and other departments in the GRC IT Security Office to identify and remediate cyber security incidents such as malware infections, and to perform routine IT risk analysis and administrative tasks such as imaging hard drives for internal cyber security investigations. Typical activities include investigating malware-infected PCs and determining how the infection occurred, what information was lost and how to prevent future infections. This position independently handles complex security tasks. This individual will also support IT risk and security posture for NASA. The position requires the ability to work well with others and manage multiple priorities related to a variety of tasks.

Summary of Qualifications:
Accountable for analysis of a wide range of operating systems, including, but not limited to, Linux, Windows, and OSX, in the event that a cyber security incident has occurred
Review of a multitude of log formats, including but not limited to:
Splunk (GLIMS) data aggregator
Server/Workstation/Device Log Data
Reporting of IR findings to appropriate parties that are involved with the case[s]. This information will be filtered to the Incident Response team and Incident Response Manager prior to dissemination to other parties.
Communication is on a need-to-know basis.

Approved parties include but are not limited to:
Human Resources
Criminal Investigations (CI)
Legal
Office of the Inspector General (OIG)
Responsible for understanding and implementing policies, procedures and standards required by NASA policies, guidelines and procedures

Examination of a multitude of file formats to include:
Email analysis
Documentation analysis (MS Word/Rich Text Format/Open Office)
Graphic file analysis (Joint Photographic Experts Group [JPEG/JPG], Tagged Image File Format [TIFF], Bit Map Picture [BMP])
Examination of hard drive disk data, up to and including analysis and review
Includes RAIDs, servers, laptops, and desktops
Create project plan with schedules that are updated on a quarterly basis
Create and maintain project portfolio with assistance from Program Protection Office
Follow best-in-class (legally accepted) digital forensic methodology
Conduct review of network-based traffic for both malicious incidents and digital forensics

Operations, Support and Maintenance
Perform daily system monitoring, verifying the integrity and availability of all hardware, server resources, systems and key processes, reviewing system and application logs, and verifying completion of scheduled jobs such as backups.
Perform regular security monitoring to identify system irregularities, system errors and possible unauthorized access.
Provide IT security support per request from various constituencies to ensure they are conforming to IT security policies, procedures and standards

Preferred Skills
Strong work ethic
Ability to work independently and within diverse teams
Ability to prepare documentation and reports for management
Strong skills in Microsoft Office products and Microsoft Visio
Strong listening and communication skills
Good knowledge of Windows, networking, IT security tools and basic coding
Strong analytical and problem-solving skills
Can convey complex and technical issues to diverse audiences, orally and in writing, in a manner that is easily understood
Ability to apply different strategies to convince others to change their opinion or plan and win support from others for ideas
Demonstrated knowledge of current MS Office products (especially Excel, Word & PowerPoint)

Education
This position prefers a bachelor’s degree in computer science or a related IT security field. Candidates with bachelor’s degrees in other fields will be considered depending on relative work experience and years in the field. A combination of education, training, or certification that provides the requisite knowledge, skills, and abilities may be substituted for the degree.

Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities