The Intelligence group provides high-end systems engineering and integration products and services, data analytics and software development to national and military intelligence customers. Serving federal agencies and the Intelligence Community for more than 50 years, the Intelligence group helps our clients meet their mission needs by providing trusted advisors, leading-edge technologies, and innovative solutions.
GENERAL DUTIES OVERVIEW
The Cyber Forensic Analyst (CFA) will support the Sponsor in executing elements of multi-faceted programs to support dynamic mission sets. This includes using project concepts and principles to complete tasks as directed by the Sponsor. The CFA will coordinate and complete in support of the customer's overall counterintelligence threat analysis efforts. Responsibilities include, but are not limited to, the following:
- Conducting data identification, reduction, and analysis to detect suspicious data types, COM tools, modified software and/or other malicious content
- Imaging various types of electronic media (SSD/HDD, Thumb Drives, Volatile Memory, Compact Disks, etc.)
- Conducting data extraction from various data sources including files, directories, unallocated space, raw images, and custom databases (including parsing of the data types necessary to extract metadata and content of forensic value)
- Knowledge of operating systems (Windows, Linux, and OSX)
- Experience with various computer forensics and software reverse engineering tools
- Experience with data extraction from various data sources including files, directories, unallocated space, raw images, and custom databases (including parsing of the data types necessary to extract metadata and content of forensic value)
- Knowledge/understanding of system kernel-level processing to detect and report on significant kernel events such as rootkits, hooked functions, call tables, and data structures.
- Hands-on experience with multiple (Windows, Linux, Mac OSX) operating systems.
- Demonstrated experience performing computer forensics and security analysis, including use of commercial or specialty forensic tools (EnCase, FTK, X-Ways, Magnet IEF, BlackLight, etc.)
- Understanding of network vulnerability analysis and penetration testing with both open-source and commercial tools, such as Nmap, Wireshark, Metasploit, Canvas, Kismet, BackTrack, etc.
- Demonstrated on-the-job programming experience with scripting languages such as Perl, Python, Bash, etc. is preferred.
- Requires 10 to 12 years with BS/BA or 8 to 10 years with MS/MA or 5 to 7 years with PhD, or equivalent experience
- Customer domain experience
- Experience performing hands-on forensic review / reverse engineering of modern mobile devices (Google Android, Apple iOS, etc.)
- Experience working with virtualization software and virtualized environments (ESXi, VMWare, VirtualBox, etc.)
- Experience with both static and dynamic malware analysis / ability to conduct analysis of identified malicious software code
- Experience reviewing and reverse engineering hardware, radiofrequency communication systems, and cellular network protocol structures
- Demonstrated experience working with debuggers and disassemblers (OllyDbg, WinDbg, IDA Pro, Binary Ninja, etc.)
- One or more of the following certifications:
  - Certified Information Systems Security Professional (CISSP)
  - Certified Ethical Hacker (CEH)
  - EnCase Certified Examiner (EnCE)
Active Top Secret/SCI w/ Full Scope Polygraph Security Clearance