HHS - Digital Forensics/Threat Hunter


Job Overview

cFocus Software is seeking a Digital Forensics/Threat Hunter to support the Department of Health and Human Services (HHS). The position is remote, allowing candidates to work from anywhere in the United States while contributing to significant cybersecurity efforts.

Responsibilities

As a Digital Forensics/Threat Hunter, the primary responsibilities include conducting proactive threat hunting using various techniques, mapping incidents to the MITRE ATT&CK framework, and performing in-depth digital forensic analysis of endpoints, servers, cloud workloads, and network artifacts.

Key duties also involve:

  • Investigating advanced cybersecurity threats such as ransomware, insider threats, and data exfiltration.
  • Analyzing malware and suspicious binaries, including reverse engineering when necessary.
  • Identifying Indicators of Compromise (IOCs) and detailing the Tactics, Techniques, and Procedures (TTPs) used by attackers, while maintaining an attack timeline.
  • Preserving chain of custody and ensuring evidence integrity for legal and regulatory purposes.
  • Supporting incident containment, eradication, and recovery efforts while collaborating closely with Security Operations Center (SOC) and Incident Response (IR) teams.
  • Developing and maintaining standard operating procedures (SOPs), playbooks, and workflows for both forensic and threat hunting activities.
  • Producing thorough reports documenting forensic investigations and threat hunts within defined service level agreements (SLAs).
  • Supporting Freedom of Information Act (FOIA) searches and participating in various cyber exercises to enhance skills and collaboration.

Required Skills

Candidates interested in this position need to meet specific qualifications to succeed in their role:

  • A Bachelor's degree in Cybersecurity, Computer Science, Digital Forensics, or a related field.
  • A minimum of 6-9 years of experience in digital forensics, threat hunting, or incident response.
  • Hands-on experience with popular forensic tools such as EnCase, FTK, and Volatility, alongside familiarity with endpoint detection and response (EDR) platforms.
  • A strong understanding of NIST frameworks, including
    • NIST SP 800-61 (Computer Security Incident Handling Guide),
    • NIST SP 800-86 (Guide to Integrating Forensic Techniques into Incident Response), and
    • NIST SP 800-53 (Security and Privacy Controls).
  • Strong analytical skills for assessing endpoint, network, cloud, and log-based forensic data.
  • Familiarity with malware analysis, scripting, and the broader context of attacker tradecraft is also advantageous.
  • Strong written and verbal communication skills to convey findings and interact effectively with stakeholders.
  • Preferred credentials include certifications such as GCFA (GIAC Certified Forensic Analyst), GCIH (GIAC Certified Incident Handler), GNFA (GIAC Network Forensic Analyst), CISSP (Certified Information Systems Security Professional), or CEH (Certified Ethical Hacker).

Work Environment

The position's remote nature allows for flexible work arrangements, permitting employees to fulfill their roles from anywhere in the U.S. As a full-time employee of cFocus Software, contributions will be directed towards enhancing the cybersecurity posture of HHS.

Salary Information

While specific salary figures are not disclosed in the provided details, it is advisable for applicants to research typical compensation for similar positions in the cybersecurity field, particularly for roles with a similar level of responsibility and required experience.

Summary

This opportunity with cFocus Software provides a platform for experienced cybersecurity professionals to impact health and human services through effective digital forensics and threat hunting practices. The emphasis on a broad range of skills underscores the evolving nature of cybersecurity and the need for continuous development in response strategies. Job seekers with the requisite skills and a commitment to advancing cybersecurity efforts are encouraged to apply.



This job offer was originally published on himalayas.app

cFocus Software Incorporated

United States

Data analysis

Full-time

January 30, 2026


This job offer summary has been generated using automated technology. While we strive for accuracy, it may not always fully capture the nuances and details of the original job posting. We recommend reviewing the complete job listing before making any decisions or applications.