Job Number: R0020735
Cyber Forensics Analyst, Senior
Use leading–edge technology and industry standard forensic tools and procedures to provide insight into the cause and effect of suspected Cyber intrusions. Follow proper evidence handling procedures and chain of custody protocols. Produce written reports documenting digital forensic findings. Determine programs that have been executed, including finding files that have been changed on disk and in memory. Use timestamps, logs hosts, and network logs to develop authoritative timelines of activity and find evidence of deleted files and hidden data. Identify and document case relevant file–system artifacts, including browser histories, account usage, and USB histories.
-8+ years of experience with digital forensics
-Experience with creating forensically sound duplicates of evidence, including forensic images to use for data recovery and analysis and performing all–source research for similar or equivalent network events or incidents
-Experience with using timestamps and host and network logs to develop authoritative timelines of activity to find evidence of deleted files, hidden data, browser histories, account usage, and USB histories
-Experience in assisting with preliminary analysis by tracing an activity to its source and documents findings for input into a forensic report, documenting the original condition of digital and associated evidence by taking photographs, and collecting hash information
-Experience in assisting with gathering, accessing, and assessing evidence from electronic devices using forensic tools while identifying and comprehending TTP threats
-TS/SCI clearance with a polygraph
-BA or BS degree
-Experience with a common scripting or programming language, including Perl, Python, Bash, or PowerShell
-Experience with Endpoint Detection and Response tools
-Experience with commonly used forensic toolsets, including EnCase, FTK, or BlackLight
-BA or BS degree in an IT– or Cyber–related field
-Active Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Examiner (GCFE), or GIAC Certified Forensic Analyst (GCFA) Certification
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information. TS/SCI clearance with polygraph is required.
We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
Apply on company website