Mobile Forensic Analyst

Arlington, VA
Sep 12, 2021
Sep 20, 2021
Full Time
Job Description

Raytheon Intelligence & Space (RIS) - Cybersecurity, Training & Services (CTS) has an immediate opening for a Mobile Forensic Analyst to support a US Federal Agency contract to enable mission accomplishment by investigating electronic data and digital devices in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts about the digital information.

Responsibilities include obtaining, accessing, and analyzing data from hard drives, emails, smartphones, and tablets.

* An active TS clearance is required.

Work Location: National Capital Region (Rosslyn, VA)

Job Description:

Resolve highly complex malware and intrusion issues using computer host analysis, forensics, and reverse engineering. Discover, analyze, diagnose, and report on malware events, files and network intrusion and vulnerability issues. Recommend countermeasures to malware and other malicious code and applications that exploit customer communication systems. Conduct reverse engineering for known and suspected malware files. Develop analysis and make recommendations for the purchase of hardware and/or software that will mitigate malware intrusions. Develop policies and procedures to investigate malware incidents for the entire computer network. Assist in the development and delivery of malware security awareness products and briefings.

Responsibilities:

Shall perform specific activities that include, but are not limited to, the following:

- Perform advanced network threat hunting to detect malicious or suspicious behavior on Department on-premises and cloud-based networks
- Respond to security events received from CIRT, provide comprehensive findings and recommended remediation steps.

Activities include the following:

- Advanced code analysis (e.g., reverse engineering of malicious code)
- Advanced traffic analysis (at the packet level) and reconstruction of network traffic to discover anomalies, trends, and patterns
- Perform forensic analysis of suspected systems (e.g., mobile devices, on- and off-premises network devices, and storage media) impacted by malicious activity
- Create, troubleshoot, configure and operate complex scripting solutions with the ability to output the results in a variety of formats (e.g., HTML, XML, etc.) and to repurpose the results for reports targeting different technical levels (e.g., other analysts, management, etc.)
- Implement and use cyber security frameworks (e.g., MITRE-ATARC, Kill Chain, etc.)
- Provide advanced forensic analysis of Department-owned mobile devices (e.g., GFE) with abnormalities, assist in conducting testing of mobile devices and policies

Required Skills:

- Knowledge of digital exploitation and skills such as computer forensics, Document and Media Exploitation (DOMEX), reverse engineering, and malware analysis
- Experience designing, implementing and documenting computer forensics services to include evidence seizure, computer forensic analysis and data recovery
- Skill with malicious code reverse engineering to isolate, review, analyze, and reverse-engineer potentially malicious programs recovered from compromised mobile devices.
- Research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits.
- An in-depth understanding of computer forensic and cyber security principles including intrusion response and network monitoring
- Ability to understand hardware configuration and network/data communications, software development and scripting, and database technology and database exploitation/forensics
- Demonstrated success and understanding of accepted frameworks such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework
- Experience with forensic processes and procedures (chain of custody, computer acquisition techniques, and memory acquisition techniques)
- Determination of wrongdoing facilitated by IT systems or mobile devices
- Mitigation for insider threat and disgruntled employee data loss
- Malicious code scans - before and after overseas travel
- Hard drive forensics
- Intellectual property theft
- Misuse and abuse cases (i.e., viewing adult content, timecard fraud, etc.)
- HR/EEOC related cases
- Recovery of files (maliciously deleted or accidental)
- System sabotage
- Misuse of computer equipment (USB, phones)
- Exposure or loss of company property data
- Employee termination/RIF to analyze hard drive for data loss
- In-depth knowledge and familiarity of cyber forensic technologies
- Personality traits: Naturally curious and inquisitive nature; persistent and determined; loves solving problems and puzzles; analytically rigorous; uncompromising integrity
- Demonstrated ability to document processes
- Proficiency with MS Office Applications
- Must be able to work collaboratively across teams and physical locations
- Willing to work rotating shifts

Required Certifications:

Possess at least one relevant professional designation or related advanced IT certification, including but not limited to the following:

- Certified Cyber Forensics Professional (CCFP)
- AccessData Certified Examiner (ACE)
- GIAC Advanced Smartphone Forensics Certification (GASF)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Forensic Examiner (GCFE)
- GIAC Network Forensic Analyst (GNFA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Reverse Engineering Malware (GREM)
- Computer Hacking Forensic Investigator (CHFI)
- Certified Computer Examiner (CCE)
- Certified Computer Forensics Examiner (CCFE) from IACRB
- Certified Forensic Computer Examiner (CFCE) from IACIS
- EnCase Certified Examiner (EnCE)

Desired Skills:

- Experience with RSA Netwitness, Splunk, FireEye NX, EX, HX, AX, Carbon Black Response, RSA Archer
- Experience with firewalls, routers or antivirus appliances
- Experience working on a 24x7x365 watch desk environment
- Experience with industry standard help desk tools

Desired Certifications:

Possess at least one relevant professional designation or related advanced IT certification, including but not limited to the following:

- Certified Information Systems Security Professional (CISSP)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Enterprise Defender (GCED)
- GIAC Security Expert (GSE)
- Certified Information Security Manager (CISM)
- Certified Ethical Hacker (CEH)
- GIAC Intrusion Analyst (GCIA)
- GIAC Cyber Threat Intelligence (GCTI)

Required Education (including Major):

- Bachelor of Science Degree with major in Computer Science/Electrical Engineering, Engineering, Science or related field. Must have a minimum of 5+ years' experience or equivalent education and experience.
- US Citizen with active or ability to attain TS or TS/SCI clearance
- Occasional travel within CONUS and OCONUS is required

Business Unit Profile

Raytheon Intelligence & Space delivers the disruptive technologies our customers need to succeed in any domain, against any challenge. A developer of advanced sensors, training, and cyber and software solutions, Raytheon Intelligence & Space provides a decisive advantage to civil, military and commercial customers in more than 40 countries around the world. Headquartered in Arlington, Virginia, the business generated $15 billion in pro forma annual revenue in 2019 and has 39,000 employees worldwide. Raytheon Intelligence & Space is one of four businesses that form Raytheon Technologies Corporation.

Business: Intelligence, Information & Svcs
Relocation Eligible: No
Talent Area: Cyber Jobs
Type Of Job: Full Time
Job Function: Administration
Ability to Telecommute: No telecommuting
Clearance Type: Top Secret - Current
US FLSA Classification: Exempt

Equal Opportunity/Affirmative Action Employer

Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Work Location: VA - Rosslyn
Requisition ID: 185814BRSDL2017
