The Digital Forensics Analyst performs a variety of highly technical analyses and procedures dealing with the collection, processing, preservation, analysis, and presentation of computer-related evidence, and is responsible for disseminating and reporting cyber-related activities, conducting vulnerability analyses and risk management of computer systems and recovering information from computers and data storage devices.
- Will be required to recover information from computers and data storage devices, often working alongside technical security Technicians, Security, Counterintelligence and law enforcement officers helping to solve security issue or find electronic evidence.
- May be required to recover data like documents, photos, and e-mails from computer hard drives and other data storage devices, such as zip and flash drives that have been deleted, damaged or otherwise manipulated.
- Examine computers find evidence of illegal activity.
- Use expertise in a corporate setting to protect computers from infiltration, determine how a computer was broken into or recover lost files.
- Utilize use forensic tools and investigative methods to find specific electronic data, including Internet use history, word processing documents, images and other files, hunt for files and information that may have been hidden, deleted or lost.
- Assist officials, analyze data and evaluate its relevance to the service request.
- Transfer the evidence into a format that can be used for legal purposes.
- Provide network security services for customer to protect against and identify outside threats.
- Perform a full spectrum forensic analysis across multiple types of computer and network devices, Windows/Linux hosts, mobile devices, virtual machines, software, and hardware.
There are no supervisory responsibilities.
Education and/or Experience:
- A bachelor's degree in cyber/digital forensics, computer engineering, computer science, or other closely related IT discipline.
- Equivalent work of eight (8) years' of demonstrated experience may be considered on a case by case basis.
- Demonstrated experience using EnCase and Open Source methods and tools to perform Computer Forensic Investigations.
- Minimum five (5) years of progressively responsible experience performing forensic investigations, malware reverse engineering, cyber security incident response, with a minimum of three (3) years of experience specifically conducting cyber forensic investigations.
- Must meet and maintain Special Access Program (SAP) and Sensitive Compartmented Information (SCI) eligibility.
- Must be certified Information Assurance Technician (IAT) Level 1 IAW DoD Directive 8570.01M within 12 months of hire.
Knowledge, Skills, and Abilities:
- The candidate is expected to stay up-to-date with industry forensics best practices, industry accepted forensic methodologies, in addition to being responsible for the overall quality control of forensic investigations and related case reporting.