Analyst, Cybersecurity DFIR

Job Purpose

The ICE Cybersecurity Digital Forensics and Incident Response (DFIR) team is responsible for defending critical financial infrastructure from Global Cyber threats. We leverage an evolving arsenal of controls that require technical proficiency as well as tenacity, professionalism, and strong communication skills.

Responsibilities

• Security Analytics - Efficiently distill actionable information from large data sets for reporting, hunting, and anomaly detection
• Incident Management – Detect, document, investigate, and resolve security incidents in an efficient manner
• Endpoint Forensics - Construct meaningful incident timelines from forensic artifact analysis
• Counter Measures - Ability to design and implement preventative and corrective controls to counteract emerging threats
• Proactive Threat Hunting - Develop and execute focused plans to discover advanced threats that evade traditional security controls
• Behavioral Analysis -Develop and implement criteria to identify anomalous user behavior leading indicating insider threat activity
• Intrusion Detection - Develop and tune network anomaly control capability to produce reliable actionable data
• Threat Hunting - Proactively search for unknown threats within the environment.

Knowledge and Experience

• University degree in related discipline
• 1+ years of relevant experience
• Deep understanding of networking and its application
• Hands on experience with Windows and Linux