Seeking a Host Based System Analyst candidate who will use leading edge technology and industry standard forensic tools and procedures to provide insight into the cause and effect of suspected cyber intrusions, follow proper evidence handling procedures and chain of custody protocols, and produce written reports documenting digital forensic findings. The selected candidate will also be expected to determine programs that have been executed, find files that have been changed on disk and in memory, use timestamps and logs (host and network) to develop authoritative timelines of activity, and find evidence of deleted files and hidden data.
- Assists Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating evidence collection operations
- Provides technical assistance on digital evidence matters and forensic investigative techniques to appropriate personnel when necessary
- Writes in-depth reports, supports with peer reviews and provides quality assurance reviews for junior personnel
- Supports in overseeing forensic analysis and mentoring/providing guidance to others on data collection, analysis and reporting in support of onsite engagements
- Must be able to obtain DHS Suitability
- A minimum of ten (10) years of host investigations or digital forensics experience is required
- (Note: A minimum of eight (8) years of host investigations or digital forensics experience PLUS a Bachelor's degree in a techincal discipline (Computer Science, Cybersecurity, Compuer Engineering, or related discipline) from an accredited college or university is also acceptable)
- Skill in identifying different classes of attacks and attack stages
- Knowledge of system and application security threats and vulnerabilities
- Knowledge in proactive analysis of systems and networks, to include creating trust levels of critical resources.