ECS is seeking a Mobile Security Operations Analyst to work in our Washington, DC office.
The candidate must be versed enough in their skills to implement detection measures using data from a wide spectrum of sources and advanced techniques and procedures against all forms of mobile devices. The candidate will also perform opportunistic threat hunting and forensic analysis when required during incidents.
- Review and complete inventory of mobile devices and applications and how security is measured
- Develop mobile monitoring by using any form of collection such as entry log-in, network and host-based data to drive detection and response capabilities
- Create detection analytics based on the MITRE ATT&CK Framework and other security frameworks
- Perform unique research on adversarial Tools, Techniques, and Procedures (TTPs)
- Aid the Ops Watch team in response to incidents by analyzing host behavior and network traffic
- Authorized to view audit records and other SysLogs and action records
- Assess security connectivity and risk areas
- Bachelor's or graduate degree in Cybersecurity, Computer Science, Information Systems, or other related scientific or technical discipline
- Must have a Top-Secret Clearance with SCI Eligibility
- Knowledge of Incident Response Procedures
- Understanding of mobile device, architecture and security compliance applied
- Be able to correlate data to help detect, remediate, monitor and feed back changes in TTPs
- Monitor emerging threat technologies and adversary strategies
- Determine best methods of detection using a combination of Log Aggregation Tools, scripts and manual surveillance techniques
- Be able to aid the forensic team in opening mobile devices as part of Incident Response analysis
- Explores patterns in network and system activity via log correlation using Splunk and supplemental tools
- Compiles and maintains internal standard operating procedure (SOP) documentation.
- Provides network intrusion detection and monitoring, correlation analysis, incident response and support for the Cybersecurity Service Provider (CSSP) and its subscriber sites
- Validates suspicious events or reports, determines if the event constitutes an incident, and properly enters associated data into the appropriate reporting systems
- Ensures tools provide the ability to properly perform analysis and that timely, accurate reporting of the incident is completed
- Logical thinking and analytical ability
- Verbal and written communication ability
- The ability to solve problems independently
- Functional knowledge with mobile forensics tools such as Cellebrite, FTK and EnCase
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.