SAVA services and solutions help our federal clients provide for national security, improve communications and collaboration, secure the integrity of information systems and networks, enhance data collection and analysis, and increase efficiency and mission effectiveness. We’re at the forefront of the communications breakthroughs that bring Federal, state, local and International organizations together for leading edge collaborative solutions in our fight against global crime and terrorism.
JOB DESCRIPTION:SAVA is seeking a Counterintelligence (CI) Cyber SME to provide support to the client’s Chief Information Officer (CIO) and CIO elements. The CI Cyber SME will conduct technical interviews and interpret cyber data concerning suspicious CI and Information Assurance (IA) incidents to ascertain a CI interest and document reportable information. The candidate will be capable of extracting information from digital media to support a CI activity. The candidate will gather and analyze all data that supports the CI activity for which the media is being analyzed, in accordance with the latest forensics guidance from the digital forensics community and internal Standard Operating Procedures (SOP). They will retrieve workstation and network level information with the requisite approvals. They will identify potential high and critical FIE threats to the client’s supply chain. Plan and develop measures to mitigate the threat and assist the CIO in integrating those measures into acquisitions. They will also plan and conduct CI Support to Computer Network Defense according to DoDI 5240.23 to include Cyber assessments of the client’s networks.
- Must possess a Top Secret Clearance with SCI eligibility and the ability to pass a CI polygraph
- Must be a graduate from an accredited CI Special Agent credentialing school
- Must possess the following Certifications:
- CI Special Agent Credentialing Certificate
- Graduate certificate or certifications for Windows Forensics Exam (WFE)
- Introduction to Networks and Computer HW (INCH)
- The Computer Incident Response Course (CIRC)
- Intrusion Investigations in a Windows Environment
- CI Collections in a Cyber Environment (CICCE)
- Must have 7+ years of experience conducting or supporting CI operations, CI investigations and/or CI collections in the cyber environment.
- Must have conducted digital forensic analysis on Personal Electronic Devices (PEDs), intrusion investigations, and CI collections on-line.