Digital Forensics Intrusion Analyst

BAE Systems•Chantilly, VA

3d•$118,095 - $200,762

About The Position

This position is for a senior level digital forensics intrusion analyst with specialized expertise in investigating and analyzing digital devices, data, and systems to uncover evidence for legal or investigative purposes. It encompasses the collection, preservation, and analysis of data from multiple sources to determine the who, what, where, when, and how, while safeguarding its integrity for legal admissibility. Support primarily consists of the scientific analysis of various devices in both static and dynamic states, thorough documentation of findings and conclusions, and expert witness testimony as required. However, support for operational investigative activities may be required, potentially resulting in extended or irregular work hours across different locations based on mission needs. This contract facilitates the FBI's investigative efforts, requiring contract personnel to present technical evidence and substantiate findings before judicial bodies as subject matter experts (SMEs) on behalf of t the agency. Intrusion Analyst must demonstrate strong written and verbal communication skills and effectively convey findings in clear, straightforward language for non-expert audiences. Furthermore, intrusion Analsyst will be required to successfully complete a mock examination, which must be defended in a practical courtroom exercise conducted, facilitated, and evaluated by the Government. Possesses and applies a comprehensive knowledge across key tasks and high impact assignments. Plans and leads major technology assignments. Evaluates performance results and recommends major changes affecting short-term project growth and success. Functions as a technical expert across multiple project assignments. May supervise others.

Requirements

Minimum of 8 years' experience preferred. In absence of years of experience, certifications or past work may be used to show the level of experience needed to perform at this level.
Bachelor's degree in Computer Science, Criminal Forensics, Cyber Forensics is strongly preferred but 4 + years of direct cyber forensics work may be substituted for the degree.
Must possess a deep technical background and hands-on experience with advanced digital forensics including, but not limited to: Intrusion-focused forensic analysis of host-based and network-based evidence
Experience analyzing forensic artifacts and intrusion activity across multiple operating systems, including Windows, Linux, macOS, and mobile platforms
Examination of volatile memory captures, log exports, and other pre-acquired forensic datasets
Analysis of advanced intrusions to identify Indicators of Compromise (IOCs) and attacker Tactics, Techniques, and Procedures (TTPs)
Use of forensic and analysis tools such as Magnet Axiom, X-Ways, FTK, Volatility, Splunk, ELK Stack, and relevant open-source utilities
Correlation of data from multiple sources (host artifacts, security device logs, network captures, and cloud logs) to reconstruct attack timelines and scope
Identification of persistence mechanisms, privilege escalation, lateral movement, and data exfiltration indicators
Application of scripting and automation (Python, PowerShell, Bash) for artifact parsing, data correlation, and workflow acceleration

Benefits

health, dental, and vision insurance
health savings accounts
a 401(k) savings plan
disability coverage
life and accident insurance
employee assistance program
a legal plan
discounts on things like home, auto, and pet insurance
paid time off
paid holidays
paid parental, military, bereavement, and any applicable federal and state sick leave
Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards.
Other incentives may be available based on position level and/or job specifics.