Description
Tyto Athene is searching for a Cyber Defense Forensics Lead to support a law enforcement customer in Ashburn, VA. You will play a critical role in leading in-depth analyses and responding to incidents from cyber threats facing our clients. In addition to being our initial point of contact for end users, you will serve as the escalation point for other analysts, helping guide them through more complex and high-priority incidents.
Responsibilities:
Lead cross-functional teams to perform in-depth analysis and investigation of high-priority cybersecurity incidents
Utilize security tools to analyze, investigate, and triage security alerts
Coordinate the monitoring of our customers environments, including cloud and SaaS solutions for evidence of adversarial activity
Utilize advanced tools, such as digital forensics or malware analysis capabilities, to identify incidents' root causes, scope, and impact
Collaborate with cyber threat hunting and cyber threat intelligence teams
Serve as the primary incident point of contact with law enforcement, third-party vendors, and other external parties
Coordinating tasking from Federal leadership
Conduct post-incident analysis and lessons learned to identify improvement opportunities
Develop or tune detection rules or signatures to improve the effectiveness of security monitoring and collaborate with engineering teams to implement them
Accurately document triage findings, and intake reports of external cybersecurity events from SOC customers via phone or email in the SOCs Incident Management System(IMS)
Learn new open and closed-source investigative techniques
Perform research on emerging threats and vulnerabilities to aid their prevention and mitigation
Assist in developing and implementing initiatives that will enhance the SOC's performance (e.g., SOPs, playbooks, capability deployments)
Escalate SOC performance issues or risks to management
Provide guidance and mentorship to Tier 1 and Tier 2 SOC Analysts to enhance their skills and capabilities
Qualifications
Required:
Minimum of seven (7) years professional cybersecurity experience with strong expertise in incident response, insider threat investigations, forensics, and threat analysis.
Minimum of five (5) years hands-on security operations experience, with experience in the last two years including:
Host-based and network-based monitoring
Insider threat detection tools
Host-based forensic tools
SIEM platforms
Intrusion detection and analysis capabilities
Endpoint threat detection tools
Security operations ticketing tools
Proven experience identifying and analyzing anomalous security activities.
Demonstrated ability to create insider-threat dashboards, reports, and workflows.
Strong experience capturing evidence, documenting results, and escalating issues when necessary.
Experience mentoring and training junior team members.
Strong understanding of confidentiality, integrity, and availability (CIA triad) principles and best practices.
Desired:
CISSP - Certified Information Systems Security Professional
GCFA - GIAC Certified Forensic Analyst
GCFE - GIAC Certified Forensic Examiner
GREM - GIAC Reverse Engineering Malware
GNFA - GIAC Network Forensic Analyst
Clearance:
TS/SCI Clearance required
About Tyto Athene
Compensation:
Compensation is unique to each candidate and relative to the skills and experience they bring to the position. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
Benefits:
Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave.
Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains-Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT-empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.
At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto
Tyto Athene, LLC is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, [sexual orientation, gender identity,] national origin, disability, status as a protected veteran, or any characteristic protected by applicable law.
Submit a Referral (https://careers-gotyto.icims.com/jobs/1550/cyber-defense-forensics-lead/jobmode=apply&apply=yes&in_iframe=1&hashed=-1834326889)
Location US-VA-Ashburn
ID 2025-1550
Category Cybersecurity
Position Type Full-Time
CLZUU DOMUU SK111 SK222 SK333 SK444 SK555 SK666
