Incident Response & Forensic Engineer

POST DATE 9/10/2016
END DATE 11/9/2016

Chickasaw Nation Industries Rockville, MD

Job Type: Full Time


The Incident Response & Forensic Engineer will assist in the creation, implementation, and operation of a Cyber Threat Intelligence and Incident Response program for a Federal Agency. The duties will include support of an incident handling process, creation and support of a forensics lab and investigation process, and close collaboration with the secure operations center as well as with the architecture, operations, and research groups.

Essential duties and responsibilities include the following. Other duties may be assigned.

Responsible for the integration of CNI Core Competencies into daily functions, including: commitment to integrity, knowledge/quality of work, supporting financial goals of the company, initiative/motivation, cooperation/relationships, problem analysis/discretion, accomplishing goals through organization, positive oral/written communication skills, leadership abilities, commitment to Affirmative Action, reliability/dependability, flexibility and ownership/accountability of actions taken.

Reports events using Risk Vision tool.

Develops network baseline; maintains up-to-date signature levels; reports anomalies as required by Agency security.

Uses forensic software/hardware applications to analyze electronic media. NetWitness experience is required.

Collaborates with other local, national and international CIRTs.

Documents requests and activities in case management system.

Researches and recommends forensic tools that improve productivity and accuracy of investigations.

Serves as technical consultant and provides training in computer examinations and techniques to other forensic investigators and internal investigative entities.

Reviews information security clearing-houses and cooperative network security communities for latest security trends and threats. Produces signatures and implementable reports for use in detection tools based on possible threats.

Periodically scans for vulnerabilities in accordance with implemented organizational policy. Reports findings in accordance with established procedures.

Conducts security audit log analysis for Agency systems. Logs will be from firewalls, Intrusion Detection Systems (IDS), operating systems and other security appliances and tools. Provides advice regarding identified and suspected risks as well as recommended mitigating techniques and corrective actions.

Preference for forensic examinations of electronic evidence, including computer-related equipment, network devices, and information systems.

Prepares written report of forensic examination findings to include procedures used and evidence located.

Provides technical guidance and assistance to others involved in the investigation to ensure precautions are taken to prevent data and equipment damage.

Responsible for aiding in own self-development by being available and receptive to all training made available by the company.

Plans daily activities within the guidelines of company policy, job description and supervisor's instruction in such a way as to maximize personal output.

Responsible for keeping own immediate work area in a neat and orderly condition to ensure safety of self and co-workers. Will report any unsafe conditions and/or practices to the appropriate supervisor and human resources. Will immediately correct any unsafe conditions to the best of own ability.

Minimum of eight years security experience in: 1) systems security analysis and implementation, design assurance and testing; 2) implementing, administering, performing tests and analyzing all elements of network systems; 3) experience with current and emerging technologies. Or, Bachelor's degree in a major field of study, such as Computer Science, which provides substantial knowledge useful in administering large, complex networks and minimum of four years security experience in: 1) systems security analysis and implementation, design assurance and testing; 2) implementing, administering, performing tests and analyzing all elements of network systems; 3) experience with current and emerging technologies.


Familiar with OMB, FISMA, FIPS, HIPAA, HSPD-12, PIV/CAC, two-factor authentication, shared token, etc.
Strong written and verbal communications skills with ability to prepare quality reports, presentations, summaries and analysis
Strong interpersonal skills applied to interactions with all levels of authority
Ability to read, analyze, develop and interpret common information systems security documents

Driver's License
Preferred certifications such as CISSP, SANS GIAC, Security+, Network+, Linux+, MCSE, CCNA or SSCP

Ability to calculate figures and amounts such as discounts, interest, commissions, proportions, percentages, area, circumference and volume. Ability to apply concepts of basic algebra and geometry.

Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.

Ability to read, analyze and interpret common scientific and technical journals, financial reports, and legal documents. Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community. Ability to write speeches and articles for publication that conform to prescribed style and format. Ability to effectively present information to top management, public groups, and/or boards of directors.