Cyber Incident Responder

MindPoint Group delivers industry-leading cybersecurity solutions, services, and products. We are trusted cybersecurity advisors to key government and commercial decision-makers and support security operations for some of the most security-conscious organizations globally. 

Our relationship with you is for the long run because your success is our success. We invest in your success through fantastic benefits (healthcare, generous PTO, paid parental leave, and tuition reimbursement, to name a few). 

Beyond just excellent pay and benefits, you’ll want to work here for reasons that can’t be written into an offer letter—the challenge, growth opportunities, and most important: the culture of a company that cares about you. 

A position at MPG promises you 

• A diverse organization 
• A safe workplace with zero tolerance for discrimination or harassment of any kind  
• A balanced work life. Seriously.  
• A stable, established, and growing business
• A leadership team focused on your professional growth and development

This position is contingent upon contract award. MindPoint Group is seeking a Cyber Incident Responder who will be building a foundation in responding to and managing impactful cyber breaches. If you can think like an attacker, stay one step ahead, think outside the box, then you’re the type of consultant we’re looking for. As a MindPoint Group consultant, you’ll get hands-on experience with complex problems daily. We help our clients protect their most sensitive and valuable data through comprehensive and real-world scenario testing. You will get to work with some of the best incident responders in the industry. Are you up to the challenge?

• Perform host, network, and mobile device forensics; malware triage; and cyber incident response
• Provide technology advisory services to enhance forensic client engagements
• Recognize common attacker tools, tactics, and procedures
• Provide oversight for on-site examinations and collections
• Research and develop new digital forensics scripts, tools, and methodologies
• Assess and troubleshoot a variety of technical issues, and support a cyber response lab in a technically secure environment

• Top Secret clearance (SCI eligible) is strongly preferred but will consider exceptional candidates who are Public Trust eligible
• Minimum of five years of experience in digital forensics and incident response
• Bachelor's degree in a technical field from an accredited college/university or equivalent experience (Computer Science preferred)
• GCIH Certification or equivalent Incident Handling certification
• Technical proficiency in Windows operating system internals, disk (NTFS, FAT32, and exFAT file systems) forensics, and proficiency in Windows memory forensics and in at least one of the following areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems), advanced memory forensics, static and dynamic malware analysis / reverse engineering, advanced mobile device forensics
• Advanced experience in industry computer forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF) / AXIOM, TZWorks, and/or Cellebrite and in preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS), and in at least one scripting/programming language (Python preferred), and/or extensive experience with text processing in a Linux/Unix shell environment (e.g., cut, sed, awk, grep, and iconv)
• Strong technical acumen and ability to quickly assimilate new information
• Time management skills to balance time amount multiple tasks and priorities
• Ability to successfully interface with clients (internal and external) and manage expectations of others
• Ability to document and explain technical details in a concise, understandable manner

Other Qualifications:

• While this position is fully remote, preference will be given to candidates who reside in the Washington, DC area. For candidates outside of the Washington, DC area, travel up to 10% to Washington, DC area will be required post COVID.

• All your information will be kept confidential according to EEO guidelines.
• Equal Opportunity Employer Veterans/Disabled