Computer Forensics Analyst │ Security Clearance TS/SCI
- Posted: over a month ago
- $115,000 to $160,000 Yearly
- Benefits: 401k, dental, medical, vision,
CyTech Services has an immediate need for mid-level and senior Computer / Host-Based Forensic Examiner to support the DHS HIRT program. The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations.
This position will begin as a REMOTE opportunity but will eventually return to the DHS work location in Arlington, VA.
MUST HAVE ACTIVE TS AND BE ELIGIBLE FOR SCI
This position requires experience in providing leadership and vision in incident handling, response, and analysis. Must be hands-on and have intimate knowledge and experience in cybersecurity, incident response, and analysis; digital forensics; security vulnerabilities/weaknesses and related attacks; network security issues and encryption technologies; management of lab environments to include flyaway kits.
Job Description - Location: Arlington VA
- Uses leading-edge technology and industry-standard forensic tools and procedures to provide insight into the cause and effect of suspected cyber intrusions; and
- Follows proper evidence handling procedures and chain of custody protocols; and
- Produces written reports documenting digital forensic findings; and
- Determines programs that have been executed finds files that have been changed on disk and in memory; and
- Uses timestamps and logs (host and network) to develop authoritative timelines of activity; and
- Finds evidence of deleted files and hidden data; and
- Identifies and documents case-relevant file-system artifacts (browser histories, account usage, and USB histories, etc.); and
- Creates forensically sound duplicates of evidence (forensic image) to use for data recovery and analysis; and
- Performs all-source research for similar or related network events or incidents; and
- Possesses skill in identifying different classes of attacks and attack stages; and
- Knowledge of system and application security threats and vulnerabilities; and
- Knowledge in proactive analysis of systems and networks, to include creating trust levels of critical resources.
- Assists with leading and coordinating forensic teams in preliminary investigation
- Plans, coordinates, and directs the inventory, examination, and comprehensive technical analysis of computer-related evidence
- Distills analytic findings into executive summaries and in-depth technical reports
- Serves as technical forensics liaison to stakeholders and explains investigation details to include forensic methodologies and protocols
- Tracks and documents on-site incident response activities and provides updates to leadership throughout the engagement
- Evaluates, extracts, and analyzes suspected malicious code
- Assists Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating evidence collection operations
- Provides technical assistance on digital evidence matters and forensic investigative techniques to appropriate personnel when necessary
- Writes in-depth reports, supports with peer reviews, and provides quality assurance reviews for junior personnel
- Supports in overseeing forensic analysis and mentoring/providing guidance to others on data collection, analysis, and reporting in support of onsite engagements
(7-9 years host investigations or digital forensics experience with a High school diploma; or a Bachelor's degree in a technical discipline from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline, and with 5-7 years of host-based investigations or digital forensics experience)
10+ years host investigations or digital forensics experience with a High school diploma; or a Bachelor's degree in a technical discipline from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline, and with 8+ years of host-based investigations or digital forensics experience.
REQUIRED Clearance: TS/SCI