Host Forensics Analyst

NewGen

$90K — $120K *
Technical Services
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • US Citizenship
  • Active TS/SCI Clearance
  • BS in Computer Science, Cybersecurity or related field; or HS Diploma with 10+ years of experience in forensics
  • 8+ years of experience in cyber forensics investigations
  • Proficient in creating forensically sound duplicates and writing investigative reports
  • Experience with cyber attack analysis and digital asset collection protocols
  • Collaborative team player across physical locations

Responsibilities

  • Assist Federal leads in overseeing and leading forensic teams during onsite engagements
  • Provide technical assistance on data collection and forensic techniques as needed
  • Write in-depth forensic reports and support peer reviews
  • Mentor junior personnel on analysis and reporting during engagements
  • Plan and coordinate the examination of computer systems and digital artifacts
  • Create executive summaries and technical reports based on findings
  • Serve as a forensics liaison explaining investigation methodologies to stakeholders
  • Document and track incident response activities while updating leadership
  • Travel to various incident response sites across the U.S.

Benefits

  • Remote and onsite work flexibility
  • Opportunity to work on high-stakes federal investigations
  • Engagement with advanced cybersecurity technologies
  • Professional growth through mentoring and peer review
  • Travel opportunities across the United States for incident response
Full Job Description
Our Partner serves as a prime contractor in a federal program, performing investigations to develop a preliminary diagnosis of the severity of breaches. They provide remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. Contract personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunt for malicious cyber activity. They are seeking Host Forensics Analysts to support this critical customer mission.

Responsibilities
  • Assist Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating data collection/acquisition operations
  • Provide technical assistance on data collection techniques and forensic investigative techniques to appropriate personnel when necessary
  • Write in-depth reports, support peer reviews, and provide quality assurance reviews for junior personnel
  • Support forensic analysis and mentor and guide others on data collection, analysis and reporting in support of onsite engagements
  • Assist with leading and coordinating forensic teams in preliminary investigation
  • Plan, coordinate, and direct the inventory, examination and comprehensive technical analysis of computer systems and digital artifacts
  • Distill analytic findings into executive summaries and in-depth technical reports
  • Serve as technical forensics liaison to stakeholders, explaining investigation details, including forensic methodologies and protocols
  • Track and document on-site incident response activities, and provide updates to leadership throughout the engagement
  • Travel to incident response locations in the United States, Territories & Possessions
  • Evaluate, extract, and analyze suspected malicious code
Requirements
  • US Citizenship
  • Active TS/SCI Clearance
  • Must be able to obtain DHS Suitability
  • BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 10+ years of host or digital forensics experience
  • 8+ years of directly relevant experience in cyber forensics investigations, using leading edge technologies and industry standard forensic tools
  • Ability to create forensically sound duplicates of computer systems (forensic images)
  • Able to write cyber investigative reports documenting digital forensics findings
  • Experience with the analysis and characterization of cyber attacks
  • Experience with proper digital asset collection and preservation procedures and chain of custody protocols
  • Skilled in identifying different classes of attacks and attack stages
  • Knowledge of system and application security threats and vulnerabilities
  • Knowledgeable in proactive analysis of systems and networks, to include creating trust levels of critical resources
  • Must be able to work collaboratively across physical locations
Desired Skills
  • Experience with or knowledge of two or more of the following tools:
    • EnCase
    • SIFT
    • X-Ways
    • Volatility
    • Wireshark
    • Sleuth Kit / Autopsy
    • Magnet Axiom Cyber
    • Snort
    • Splunk or other SIEM Tools (ArcSight, LogRhythm, Elastic, etc.)
    • Other EDR Tools (CrowdStrike, MDE, Trellix, etc.)
  • Proficiency with conducting all-source research
  • Desired Certifications: GCFA, GCFE, EnCE, CCE, CFCE, CISSP
