Qualifications:
- Six (6) years of professional experience providing software, hardware, and wireless support to the client, including mobile forensic examination, based on submitted requirements for functionality and use of developed tools.
- Skilled in developing, testing, and implementing network infrastructure contingency and recovery plans.
- Skilled in performing packet-level analysis.
- Display technical comprehension of relationships, dependencies, and hardware and software component requirements. Interpret submitted documentation, including user and functional requirements, and develop forensic examination reports.
- Possess knowledge of risk management processes (e.g., methods for assessing and mitigating risk). Knowledge of cybersecurity principles, cyber threats, and cyber vulnerabilities.
- Knowledge of computer networking concepts and protocols, network security methodologies, cloud computing service models, and cloud deployment models in private, public, multi-cloud, and hybrid environments.
- Works independently; may supervise/manage junior analysts.
- Global Information Assurance Certification (GIAC) Certified Forensic Examiner (GCFE) certification required within 90 days after contract award.
- This position requires a DoD IAT III level certification.
- Perform forensic collection, imaging, preservation, and analysis of digital evidence from computers, servers, and network devices.
- Support investigations of cybersecurity incidents, policy violations, insider threats, and data breaches.
- Analyze logs, network traffic, and digital artifacts to identify indicators of compromise and trace attack vectors.
- Use forensic tools (e.g., EnCase, FTK, X-Ways, Autopsy, Cellebrite, Magnet Axiom) to recover and analyze digital evidence.
- Develop detailed forensic reports documenting methodologies, findings, and conclusions for presentation to stakeholders.
- Ensure forensic examinations follow DoD and Navy evidence handling, retention, and chain-of-custody procedures.
- Collaborate with cybersecurity, law enforcement, and legal teams to support investigations and remediation efforts.
- Conduct malware analysis and identify patterns in malicious code and behavior.
- Assist in maintaining forensic readiness through tool validation, documentation, and procedural updates.
- Provide expert testimony and technical consultation when required for legal or administrative proceedings.
- Support incident response activities, including triage, containment, eradication, and recovery.
- Perform post-incident analysis to identify root causes and develop recommendations for improving defenses.
- Maintain forensic lab systems, tools, and hardware in compliance with Navy cybersecurity and RMF standards.
- Develop and maintain standard operating procedures (SOPs) and forensic playbooks for digital evidence handling.
- Train and mentor junior forensic analysts and incident responders in advanced forensic techniques and methodologies.
