Cyber Forensics Analyst, Mid

Location
Herndon, VA
Posted
Jun 19, 2019
Closes
Nov 04, 2019
Ref
R0020820
Hours
Full Time
Job Number: R0020820

Cyber Forensics Analyst, Mid
Key Role:

Use leading-edge technology and industry standard forensic tools and procedures to provide insight into the cause and effect of suspected Cyber intrusions. Follow proper evidence handling procedures and chain of custody protocols. Produce written reports documenting digital forensic findings. Determine programs that have been executed, including finding files that have been changed on disk and in memory. Use timestamps, logs hosts, and network logs to develop authoritative timelines of activity and find evidence of deleted files and hidden data. Identify and document case relevant file-system artifacts, including browser histories, account usage, and USB histories.

Basic Qualifications:

-5+ years of experience with digital forensics

-Experience with creating forensically sound duplicates of evidence, including forensic images to use for data recovery and analysis and performing all-source research for similar or equivalent network events or incidents

-Experience with using timestamps and host and network logs to develop authoritative timelines of activity to find evidence of deleted files and hidden data

-Experience with identifying and documenting case file-system artifacts, including browser histories, account usage, and USB histories

-Experience in assisting with preliminary analysis by tracing an activity to its source and documents findings for input into a forensic report and documenting original condition of digital and associated evidence by taking photographs and collecting hash information
-TS/SCI clearance with a polygraph
-BA or BS degree in Engineering, Computer Science, IT, or Cyber

Additional Qualifications:

-Experience with a common scripting or programming language, including Perl, Python, Bash, or PowerShell

-Experience with Endpoint Detection and Response tools

-Experience with commonly used forensic toolsets, including EnCase, FTK, or BlackLight

-Active Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Examiner (GCFE), or GIAC Certified Forensic Analyst (GCFA) Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance with polygraph is required.

We're an EOE that empowers our people-no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic-to fearlessly drive change.

Similar jobs