Ellington Solutions is seeking out qualified candidates that will:
- Practical experience in Digital Forensics & Incident Response (DFIR)
- Carry out comprehensive forensic examinations on endpoints
- Conduct proactive threat hunting
- Work in conjunction with SOC Tier 2 analysts to offer technical insights
- Evaluate and address cyber threats in real-time
- Participate in investigations related to incident response
- Utilize advanced security tools (e.g., CrowdStrike, Splunk)
- Engage in team meetings, share knowledge, and contribute to process enhancements
- Uphold high standards of communication and documentation
Requirements The qualified candidates will have:
- U.S. Citizenship (Required)
- At least five years of experience in Cybersecurity or a similar discipline.
- Proficient in one or more cloud platforms and familiar with cloud security practices.
- Comprehension of computer networking principles and protocols, along with network security methods such as network traffic analysis and packet-level scrutiny using tools like Wireshark and tcpdump.
- Acquainted with Windows and Unix ports and services.
- Familiarity with current identity and access management strategies.
- Hands-on experience with automation, machine learning, and/or artificial intelligence.
- Knowledge of various types of digital forensics data, with the capability to identify and collect persistent data.
- Understanding of different file system architectures (e.g., New Technology File System NTFS , File Allocation Table FAT , File Extension EXT ), and awareness of which system files (e.g., log, registry, and configuration files) contain relevant information and their respective locations.
- Knowledge of protocols for the collection and preservation of digital evidence.
- Proficiency in Digital Forensics & Incident Response (DFIR), as well as expertise in Threat Hunting and Incident Response at a Tier 3 level.
- Strong communication, organizational, and collaborative skills.