Information Technology
Requisition #: 262057

Title: Cyber Security Forensic Investigator (Sr./Lead Cyber Security Analyst)
Travel: 5-10%
Location: San Francisco, CA, Phoenix, AZ, Salt Lake City, UT, Los Angeles, CA, Portland, OR, Seattle, WA
Remote option: This role is available for 3 days/week as a remote worker.


What we do: 
The National Incident Response Team (NIRT), a national service provider for the Federal Reserve System (FRS), delivers effective and efficient national intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for the System. The mission of the NIRT is to play a leading role in the System’s efforts to protect its information systems against unauthorized use.


Position Overview

NIRT Incident Response (IR) leads response efforts for cybersecurity events and serves as ‘first responders’ for suspected security incidents. When attacks are detected, the response team works in partnership with national and local teams to assess and contain the threat, minimize the impact, and ensure stakeholders are informed. Additionally, NIRT IR provides digital forensic investigation services to supplement incident response and insider risk management efforts. NIRT executes digital investigations involving a variety of digital evidence types and devices, such as workstations, virtual machines, servers, cloud assets, and mobile devices. NIRT IR performs reverse engineering of malware to help identify the tactics, techniques, and procedures used against the System and our partner organizations. This analysis guides responsive efforts and supplements externally sourced intelligence to better inform detection and further enhance the security posture of the System and our partner organizations.
 
Required Qualifications
• Bachelor’s degree in Computer Science, Information Systems, Computer Engineering, Cybersecurity, Systems Analysis or a domain-related field, or an equivalent combination of education and work experience
• Typically requires 6+ years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration, and over 3 years’ experience in computer network defense, computer network exploitation, incident response, computer forensics, malware reversing, cyber intelligence or engineering principles discipline
• Manages security incidents and conducts incident analysis, containment, protection, mitigation, and recovery activities across the System
• Analyzes all relevant data sources for attack indicators and potential network compromise
• Responds to different attack vectors such as data exfiltration, DDoS, malware, and phishing
• Develops scripts and tools to improve the efficiency of incident detection and response processes
• Performs forensic investigations and reporting with minimal oversight
• Prepares and presents investigation and/or forensic analysis findings to technical and business area stakeholders with tailored reports and case close-out meetings
• Performs malware behavioral analysis and limited reversing and documents the results of this analysis clearly and concisely
• Identifies gaps/opportunities for enhancements to workflows and processes for enhancing the incident response and forensics lifecycle
• Routinely supports cross-team initiatives to help implement cybersecurity improvements
• Knowledge of cloud computing security  

              
The Federal Reserve Bank of San Francisco is an Equal Opportunity Employer. Our people proudly reflect the diversity and ideas of the communities we serve.

 

