Overview: CDT is looking to add a Computer Forensic Analyst to their team in Arlington, VA at The Joint Service Provider (JSP) Defense Cyber Operations Internal Defense Measures (DCO IDM) program. The JSP program provides a full range of cybersecurity products, services, solutions and customer support to the Office of the Secretary of Defense (OSD), the Chairman of the Joint Chiefs of Staff (CJCS), the Joint Staff (JS), the Director of Administration (DA), the Pentagon Force Protection Agency (PFPA), the Washington Headquarters Services (WHS) and other various OSD offices.
The role of the analyst is to recover data, such as documents, photos and e-mails, that has been deleted, damaged or otherwise manipulated, from computer hard drives and other data storage devices, such as zip and flash drives. A computer forensic analyst may also use their expertise to protect computers from infiltration, determine how a computer was broken into or recover lost files. Analysts might be responsible for assisting law enforcement with cyber-crimes and/or retrieving evidence.
Clearance Requirement: An active Top Secret clearance or higher is required. Candidates who do not meet these requirements will not be considered; therefore, all viable applicants must be U.S. citizens.
Responsibilities:
- Performs forensic analysis of digital information and gathers and handles evidence
- Identifies network computer intrusion evidence and perpetrators
- Investigates computer fraud or other electronic crimes, cracks files and system passwords, detects steganography and recovers deleted, fragmented and corrupted data from digital media of all types
- Ensures chain of custody and control procedures, documents procedures and findings in a manner suitable for courtroom presentation and prepares comprehensive written notes and reports
- Demonstrate expert-level knowledge in planning, directing, and managing Computer Incident Response Team (CIRT) operations in an organization similar in size to this acquisition
- Expert proficiency in conducting research and analysis, compiling relevant all source intelligence to incorporate into analytical products and technical briefings
- Demonstrate expert ability to analyze and identify relationships and trends between incidents in the short term and patterns across incidents in the long term and report trend analysis in quarterly and yearly trend analysis reports
- Demonstrate expert ability to extract actionable information and indicators from intelligence reporting and articulate to network defenders to update network security posture
- Demonstrate knowledge of threat intelligence tradecraft, structured analytic, contrarian, and imaginative analytic techniques
- Demonstrate expert knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES])
Qualifications:
- Bachelor of Science Degree in a technical field (OR 4+ years of experience in Incident Response in lieu of a degree)
- 6+ years of Incident and Malware analysis experience within DoD or IC environment
- Knowledge of Cyber Collection Management, Dissemination, Artifact Analysis
- Certified Ethical Hacker (CEH) Certification
- DoD 8570 IAT Level II Certification (ONE of the following): GSEC, Security+ CE, SSCP, CCNA-Security, CySA+, GICSP