Digital Forensics Analyst/Investigator
Focused Cyber, LLC – Arlington, VA
- Perform forensic analysis on all common operating system environments, to include, but not limited to, Microsoft Windows, Mac OS, UNIX, Linux, Solaris, as well as embedded systems.
- Analyze digital media (logs, code, phones, hard drives, memory dumps, etc.) to determine attack vectors and develop mitigation techniques.
- Identify possible threats based on analysis of digital media.
- Maintain readiness to divert and deploy teams of contract resources to provide on-site support and assistance in the event of an exercise or cyber incident.
- Develop and disseminate engagement reports, technical reports and briefs based on analytic findings.
- Identify and document tactics, techniques and procedures used by an attacker to gain unauthorized access.
- Develop procedures and processes to analyze and categorize digital media.
- Follow industry-standard forensic best practices while imaging, preserving, transporting and handling electronic data and associated physical devices.
- Participate in interagency-sponsored community of interest analysis groups, and conduct and participate in technical briefings and exchanges.
- Communicate, coordinate and share information and work closely with NCCIC and other HIRT components.
- Develop tips, indicators, warnings and actionable information.
- Support the development of performance metrics.
- Adhere to the CONOPS and SOPs of the HIRT and Digital Forensics Group (DFG).
- Assist with preservation and duplication of original media obtained from customers.
- Assist with maintaining the readiness of all DFG fly-away kits, storage media and forensic VM analyst images.
- Assist with maintaining DFG computer equipment and software licensing.
Requirements That Candidates Will Be Evaluated Against
- Bachelor's Degree
- Active Top Secret Security Clearance with the ability to obtain a TS/SCI is required. In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.
- Familiarity with at least one of the following tools: EnCase, Forensic Toolkit, Autopsy/Sleuthkit
- Knowledge of investigative methods to locate specific electronic data.
- Proficiency in the latest cyber forensics, response, and reverse engineering skills and understanding of the latest exploit methodologies.
Apply by using the apply button with this posting or email your resume directly to [email protected] or call 804-539-8278.
Focused Cyber is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.