Cask Technologies

Monitor external data sources (e.g., computer network defense vendor sites, Computer Emergency Response Teams, Storage Area Networks (SANs), Security Focus), update the CND threat condition, and determine which security issues may have an impact on the enterprise.. Analyze log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security and perform command and control functions in response to incidents.. Forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) to support deployable Incident Response. Clearance Required: TS/SCI with counter-intelligence polygraph. Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

incident response

Cask is a leading Management Consulting firm specializing in delivering business and technical expertise to clients across commercial and government markets. Join the many happy employees at Cask! We have been named a top 5 firm to work for by Consulting Magazine for 5 of the past 6 years. Responsibilities The contractor shall assist with analysis of actions taken by malicious actors in order to determine initial infection vector, establish a timeline of activity, and any data loss associated with incidents.
Provide Python Programming, PowerShell Programming, and Script Development.
Coordinate with and provide expert technical support to enterprise-wide CND technicians to document CND incidents, correlate incident data to identify specific vulnerabilities, and make recommendations enabling remediation.
Monitor external data sources (e.g., computer network defense vendor sites, Computer Emergency Response Teams, Storage Area Networks (SANs), Security Focus), update the CND threat condition, and determine which security issues may have an impact on the enterprise.
Analyze log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security and perform command and control functions in response to incidents.
Perform CND incident triage, to include determining, urgency, and potential impact; identifying the specific vulnerability; and making written recommendations that enable expeditious remediation.
Utilize forensically sound collection techniques of images and inspect to discern mitigation/remediation on enterprise systems, perform real-time CND incident handling (e.g.,
Forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) to support deployable Incident Response Teams (IRTs).
Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts and track and document CND incidents from initial detection through final resolution.
Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, and security robustness), collect intrusion artifacts (e.g., source code, malware, and trojans), and use discovered data to enable mitigation of potential CND incidents within the enterprise.
Requirements Clearance Required: TS/SCI with counter-intelligence polygraph
IAT level III or CSSP Incident Responder certification with documented additional education, specialization, or certification in one of the technologies or tools listed below:
5 years of experience in a majority of the below:
System Architecture
- Network Engineering
- Systems Engineering
- Virtual Environments
Scripting
- Powershell
- Python
- RegEx
Forensics
- Dead disk and memory interrogations
- Malware analysis/reverse engineering
Additional Preferred Experience
- SCADA Systems
- Cloud Environments
- Database Administration
- Hunt Methodologies
- SEIM Operations (Splunk/Security Onion)
Cask is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, among other things, or status a qualified individual with a disability.EEO/Employer/Vet/Disabled
Explore more InfoSec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below. #J-18808-Ljbffr

START NEW SEARCH