Duties

Summary

The Office of the Chief Administrative Officer (CAO) provides operations support services and business solutions to the community of 10,000 House Members, Officers and staff. The CAO organization comprises more than 650 technical and administrative staff working in a variety of areas, including information technology, finance, budget management, human resources, payroll, child care, food and vending, procurement, logistics and administrative counsel.
Learn more about this agency

Responsibilities

Candidate provides leadership in the development and effective application of information security tools, policies, and procedures in direct support of the Chief Administrative Officer's information systems security program for the U.S. House of Representatives. As Forensics Lead, the individual will report to the Cybersecurity Architecture & Innovation Manager and will handle all aspects of the Computer Forensics program to include imaging, data preservation, e-discovery, analysis, inventory, and reporting. The position requires a high degree of technical expertise, technical project management and general case management experience.

The primary work location for this position is at the Ford House Office Building or secondary facilities located in the Washington, DC metropolitan area. This position requires the ability to travel as necessary to support forensic related requests and may on occasion require the ability to work shift hours to perform duties in support of the Computer Forensics program outside of standard operating hours.

PRIMARY DUTIES:

1. Manage and perform all duties associated with preservation and e-discovery requests as they are received and communicated by the Cybersecurity, HIR, CAO or House leadership

2. Manage all forensic activities associated with event and incident response.

3. Review, update, and document procedures for tracking cases, performing preservations, and preparing deliverables for House customer base

4. Work with House attorneys on new and existing cases to provide data, perform analysis, and create reports based on various deadlines.

5. Manage and maintain complete inventory records of all evidence held within the Cybersecurity Office.

6. Manage and maintain current systems to produce accurate reports detailing work performed in all stages up to its completion.

7. Constantly review People, Processes and Technology to continuously grow and improve the Forensics program and team.

8. Perform other official duties as assigned.

Travel Required

Not required - Occasional local travel may be required.

Supervisory status
No

Promotion Potential
13

Requirements

Conditions of Employment

• USAJobs Conditions of Employment

Qualifications

1. Demonstrated experience conducting a computer forensics investigation from imaging to analysis. Experience using forensic workstations including write-block technologies to properly handle and analyze evidence.

2. 5+ years of experience performing hands on computer forensic activities

3. Ability to prioritize and manage time and resources based on the importance of deadlines. Demonstrates the ability to multi-task, use a variety of resources, and information to get things done; understands what will help or hinder accomplishing a goal; and respects the time of other colleagues.

4. Candidate should be extremely detail oriented and well versed with forensic documentation practices. Able to produce reports which include a detailed work summary, timeline, and evidence information.

5. Demonstrated experience performing forensic analysis on a variety of devices using industry standard forensic software tools. such as Encase, Cellebrite, FTK, and Discovery Attender.

6. Knowledge of e-discovery tools, processes and procedures for on prem and cloud based services and have experience searching, sorting, de-duplicating, and hashing email data.

7. Knowledge and experience with hard drive cloning procedures including the use of both software and hardware devices, documentation, and proper chain of custody handling.

8. Ability to communicate effectively, both orally and in writing, with elected officials, lawyers, law-enforcement agents, senior management and staff, information systems professionals, and both technical and non-technical users. Ability to estimate and set expectations accurately for meeting deadlines.

9. Willingness to travel and perform on-site evidence collection following standard forensic processes for documenting and handling evidence.

10. Ability to maintain effective working relationships with colleagues, users, contractors, and vendors.

11. Active Top Secret (TS) Clearance preferred or the ability to obtain and maintain a TS Clearance.

12. Any of the following certifications preferred EnCE, CCE, CHFI, CFCE, GCFE, GCFA

Education

Additional information

How You Will Be Evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

Qualified candidates will be evaluated using a structured interview process.

Background checks and security clearance

Security clearance
Not Required

Drug test required
No

Required Documents

Resume submission is required.

If you are relying on your education to meet qualification requirements:

Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education .

Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.