Host Based Systems Analyst IV

Arlington, VA, 1099, W2

The Client and Customer are seeking Host Forensics Analysts to support a critical mission.

Assist Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating evidence collection operations
Provide technical assistance on digital evidence matters and forensic investigative techniques to appropriate personnel when necessary
Write in-depth reports, supports with peer reviews and provides quality assurance reviews for junior personnel
Support forensic analysis and mentor/provide guidance to others on data collection, analysis and report in support of onsite engagements
Assist with leading and coordinating forensic teams in preliminary investigation
Plan, coordinate and direct the inventory, examination and comprehensive technical analysis of computer related evidence
Distill analytic findings into executive summaries and in-depth technical reports
Serve as technical forensics liaison to stakeholders and explain investigation details to include forensic methodologies and protocols
Track and document on-site incident response activities and provide updates to leadership throughout the engagement
Evaluate, extract and analyze suspected malicious code

TS/SCI Clearance
Able to obtain DHS Suitability
BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 10+ years of host or digital forensics experience
Desired Certifications: GCFA, GCFE, EnCE, CCE, CFCE, CISSP
8+ years of directly relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools
Ability to create forensically sound duplicates of evidence (forensic images)
Able to write cyber investigative reports documenting digital forensics findings
Experience with the analysis and characterization of cyber attacks
Experience with proper evidence handing procedures and chain of custody protocols
Skilled in identifying different classes of attacks and attack stages
Knowledge of system and application security threats and vulnerabilities
Knowledgeable in proactive analysis of systems and networks, to include creating trust levels of critical resources
Able to work collaboratively across physical locations

Experience with or knowledge of two or more of the following tools: EnCase; FTK; SIFT; X-Ways; Volatility; WireShark; Sleuth Kit/Autopsy; Splunk; Snort; Other EDR Tools (Crowdstrike, Carbon Black, etc.)
Proficiency with conducting all-source research

Apply for this Job