Job Details
We are seeking Cybersecurity Forensics Analysts to support this critical customer mission.
Eligibility:
- Must be a US Citizen
- Must have an active TS/SCI clearance
- Must be able to obtain Client Entry on Duty (EOD) Suitability prior to starting
- Must have 8+ years of directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools
Responsibilities:
- Assisting Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating evidence collection operations
- Providing technical assistance on digital evidence matters and forensic investigative techniques to appropriate personnel when necessary
- Writing in-depth reports, supports with peer reviews and provides quality assurance reviews for junior personnel
- Supporting forensic analysis and mentoring/providing guidance to others on data collection, analysis and reporting in support of onsite engagements.
- Assisting with leading and coordinating forensic teams in preliminary investigation
- Planning, coordinating and directing the inventory, examination and comprehensive technical analysis of computer-related evidence
- Distilling analytic findings into executive summaries and in-depth technical reports
Serving as technical forensics liaison to stakeholders and explaining investigation details to include forensic methodologies and protocols - Tracking and documenting on-site incident response activities and providing updates to leadership throughout the engagement
- Evaluating, extracting and analyzing suspected malicious code
Required Skills:
- Ability to create forensically sound duplicates of evidence (forensic images)
- Able to write cyber investigative reports documenting forensics findings
- Experience with the analysis and characterization of cyber attacks
- Experience with proper evidence handing procedures and chain of custody protocols
- Skilled in identifying different classes of attacks and attack stages
- Knowledge of system and application security threats and vulnerabilities
- Knowledgeable in proactive analysis of systems and networks, to include creating trust levels of critical resources
- Must be able to work collaboratively across physical locations
Desired Skills:
- Experience and proficiency with the following tools and techniques: EnCase, FTK, SIFT, X-Ways, Volatility, WireShark, Sleuth Kit/Autopsy, and Snort
- Experience with other EDR Tools: Crowdstrike, Carbon Black, Etc
- Proficiency with Conducting all-source research
Required Education: Bachelor's in Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma & 10+ years of host or digital forensics experience.
Desired Certifications: GCFA, GCFE, EnCE, CCE, CFCE, CEH, CCNA, CCSP, CCIE, OSCP, GNF