Incident Response Expert​/Cyber Eviction Analyst

Overview

Incident Response Expert / Cyber Eviction Analyst

Location:

Arlington, VA

Must have an active Top Secret Security Clearance

Node.

Digital is an innovative minority-owned solutions and services company specializing in AI & Automation. We combine proprietary agile development services with next-generation technology to create seamless customer experiences, driving digitalization and automation across industries. Our mission is to blend story, strategy, and technology to deliver frictionless multichannel user experiences.

• Serving as a hunt and incident response subject matter expert, providing technical direction and alternatives to response teams
• Applying deep knowledge of threat actor tools, techniques, and procedures (TTPs) to complex incident response challenges
• Producing executive summaries and detailed technical reports for stakeholders
• Conducting expert analysis and research on hunt and incident response problems with broad direction
• Setting technical objectives and developing creative solutions to complex security issues
• Analyzing incident data and victim environments to recommend targeted mitigations
• Advising on countermeasure implementation and customization
• Supporting containment and eradication missions
• Documenting analysis in a standardized knowledge base and maintaining process/procedure documentation
• Guiding completion of hunt and incident response activities across multiple environments

• Bachelor’s degree in Computer Science, Cyber Security, Computer Engineering, or a related field; or a high school diploma with 10+ years of technical experience
• 8+ years of cyber incident response experience, including threat hunting, containment, and eradication
• Proficiency administering and investigating on both Linux/Unix and Windows systems
• Hands-on experience using Splunk as a SIEM for incident response or threat hunting
• Strong understanding of network architecture, network security concepts, and attack stages/classes
• Incident response experience across on-premises, cloud environments, and Windows Active Directory
• Meets DoD 8140.01 certification requirements at IAT II, IASAE II, or CSSP Analyst level
• U.S. citizen with an active TS/SCI clearance and ability to obtain DHS suitability
• Ability to travel domestically on short notice (~25%)
• Experience producing executive summaries and detailed technical incident response reports

• Holds at least one of the following certifications: GCIA, GCIH, CEH, or GIAC GNFA
• Experience with leadership or mentoring in incident response teams
• Familiarity with CND policies and procedures
• Knowledge of threat environments, network/system administration, and IAM tools
• Experience with enterprise architecture security review and defense-in-depth strategies
• Expertise in host and network intrusion detection, event correlation, and malicious activity analysis
• Strong collaboration skills with stakeholders across multiple locations

We are proud to offer competitive compensation and benefits packages to include:

• Medical
• Dental
• Vision
• Basic Life
• Long-Term Disability
• Health Saving Account
• 401K
• Three weeks of PTO
• 10 Paid Holidays
• Pre-Approved Online Training