Job Description

About the Role

Responsible to support the collecting, processing, preserving, analyzing, and presenting computer-related evidence in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations, in accordance with Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B and NIST SP 800-86.

Responsibilities

• Review and update Standard Operating Procedures (SOPs) to implement and execute digital forensic actions, incorporating approved forensic tools and standard processes for conducting forensics that meet or exceed legal requirements and industry best practices.
• Provide adequate templates, processes, and ad-hoc training/support to ensure incident handlers and first responders satisfy forensics and evidence requirements including but not limited to: chain of custody, and authorization to conduct forensic analysis.
• Identify, collect, examine, analyze and preserve the integrity of resources and information for digital forensics.
• Maintain all forensics data, for the duration of the contract, ensuring that data is passed on without data loss in subsequent contract transitions.
• All maintained forensics data must be kept in an organized, logical, and forensically sound manner; and be retrievable from its archived state.
• Maintain archives of forensics data and corresponding reports in an access-controlled location. All records should be managed according to DoD, and US Federal record and data retention policies.
• Perform forensic examinations, data retrieval, legal hold actions, classified data searches, malware analysis, and other forensic tasks when tasked by authorized government personnel.
• Assist in facilitating transportation/shipping of data to be examined while ensuring that a strict chain of custody document is maintained.
• Submit a scoping document containing an overview of the work to be performed and an estimation of the date that the forensic task will be completed.
• Submit a detailed forensic report.
• Conduct forensics work in such a manner that the information remains forensically sound and a strict chain of custody is maintained on the data.
• Create and maintain tracking method for new, existing, completed, and archived cases.
• Ensure all case data is processed, discussed, and stored in a secure access-controlled location that maintains privacy, need to know, and chain of custody rules and standards.
• Provide detailed reports on suspected crimes that have taken place.
• Provide expert witness testimony in court.

Qualifications

• Active Secret security clearance
• 5+ years of related experience
• DoD IAT II/CND-IR required certification/s (one of the following):

CCNA-Security

CySA+ (CSA+)

GICSP

GSEC

Security+ CE

SSCP

Preferred Skills

• Bachelor's degree in the following majors with relevant analytics or data management focused coursework desired: Data Analytics, Computer Science, Computer Information Systems, Management Information Systems, Math.
• Experience managing the full e-Discovery lifecycle on large-scale eDiscovery processing projects.
• Experience with SQL strongly preferred. Executing or modifying standard SQL scripts.
• Demonstrated experience with forensics tools such as Cellbrite, EnCase, Axiom, XRY, Forensic Toolkit (FTK), and Xways.
• Demonstrated ability to effectively communicate orally and in writing to the Forensics and Intelligence communities (i.e., experience in writing technical reports, presenting briefs).

Job Tags

Similar Jobs