Endpoint analyst
at BAE Systems
Falls Church, VA 22042, USA -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 28 Jul, 2024 | USD 92290 Annual | 30 Apr, 2024 | N/A | Shell Scripting,Forensic Analysis,Artifacts,Operations,Carbon Black,Endpoint Protection,Security Operations Center,Python,Incident Response,Languages,Mcafee,Powershell | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
JOB DESCRIPTION
BAE Systems, Inc. is searching for a Mid to Senior level Endpoint Threat Detection and Response analyst to conduct host-based defensive cyber operations. Such operations include: reviewing detections/alerts, investigating suspicious activity, threat hunting, developing detection content and performing live artifact retrieval on EDR/EPP platforms. In addition, developing deployable forensics tools.
REQUIRED EDUCATION, EXPERIENCE, & SKILLS
Monitor detections/alerts in EDR/EPP platforms
Investigate and triage detections/alerts in EDR/EPP platforms
Conduct threat hunting operations using various tools
Develop host-based detection content in EDR/EPP platforms
Experience developing deployable forensics tools (for system admins to be able to run to automatically gather artifacts for offline analysis)
Incident Response
Intrusion Analysis
Forensic Analysis
Experience working in a security operations center
Working understanding of the Lockheed Martin Cyber Kill Chain®
College degree is not required
Extensive experience with Windows operating system function, registry, internals, etc.
Experience with and understanding of common malware tactics and how they interact with victim systems.
Experience with coding/scripting in languages such as Python, PowerShell, Unix Shell Scripting.
Experience with any of SentinelOne, CrowdStrike, Carbon Black, FireEye HX, McAfee ePO, etc.
Linux OS familiarity.
PREFERRED EDUCATION, EXPERIENCE, & SKILLS
Experience with both commodity and nation-state malware
Familiar with malware families (e.g. PoisonIvy, Gh0st RAT)
PowerShell Scripting
CrowdStrike Falcon experience
FireEye Endpoint Protection (HX) experience
McAfee Access Protection (ePO/MCAP) experience
Solid experience with Linux OS
Writing of Yara rules to identify malicious files
Responsibilities:
Please refer the Job description for details
REQUIREMENT SUMMARY
Min:N/AMax:5.0 year(s)
Information Technology/IT
IT Software - Other
Other
Graduate
Proficient
1
Falls Church, VA 22042, USA