Senior Digital Forensics Analyst

BAE Systems

About The Position

BAE Systems has a job opening for a Digital Forensics Analyst. The Forensics Analyst will conduct digital media acquisition and analysis, team leadership and mentoring, and incident response analysis in an enterprise network environment. The candidate will have the ability to perform deep dive analysis of preserved and collected digital evidence to restore deleted files, determine usage patterns, Internet history, USB analysis, data carving/recovery, and other advanced analytical processes to recover evidence and artifacts in support of a variety of case types. The candidate will be familiar with Incident Response and Handling best practices in accordance with NIST SP documentation (800-61, etc.). Digital forensic and incident handling case types may include: advanced malware, digital media misuse, insider threat, and potential criminal conduct. This position requires ongoing proficiency in digital and mobile forensic tools, practices, and procedures, as well as emerging threats to networks and systems. Additionally, this role is responsible for producing and managing automation improvements in the Python scripting language.

Requirements

Must be eligible to possess a final US Secret Security Clearance
Minimum of one industry recognized technical certification
Demonstrated experience in written and verbal communications
Demonstrated experience in professional and technical report writing
Ability to make recommendations to senior leadership in all matters involving digital forensics
Ability to work independently as well as in a team environment
Demonstrated knowledge of current digital forensic techniques and procedures
Knowledge of the forensic laboratory accreditation process
Creative problem solving abilities
Ability to anticipate and respond to changing priorities in a professional manner (triage, prioritization, multi-tasking, project scheduling)
Ability to collaborate with and provide support to internal and external customers
Case tracking and investigation management
Experience with Forensic Toolkit (FTK)
Experience with Microsoft Purview
Experience with Python
Experience with Splunk
Experience with ArcSight
At least one of the following certifications: EnCase® Certified Examiner (EnCE), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Enterprise Defender (GCED), GIAC Certified Incident Handler (GCIH), Access Data Certified Examiner (ACE), Certified Ethical Hacker (CEH), Certified Computer Examiner (CCE)

Nice To Haves

8+ Years Digital Forensics experience
5+ years incident response and handling experience
Bachelor’s Degree in Criminal Justice, Digital Forensics, Computer Science, or a related discipline
Relevant forensics or incident handling certification

Responsibilities

Conduct digital media acquisition and analysis
Team leadership and mentoring
Incident response analysis in an enterprise network environment
Perform deep dive analysis of preserved and collected digital evidence to restore deleted files, determine usage patterns, Internet history, USB analysis, data carving/recovery, and other advanced analytical processes to recover evidence and artifacts in support of a variety of case types
Produce and manage automation improvements in the Python scripting language