Senior Digital Forensics Engineer

Northern Technologies Group, Inc.•Alexandria, VA

1d•Onsite

About The Position

This position is for a SME Digital Forensics Examiner / Malware Analyst supporting the DISA GSM-O program onsite in Alexandria, VA. An active Top Secret security clearance and demonstrated advanced technical ability in Digital Forensics and Malware Analysis is required. This position provides support to the J6 Pentagon Security Operations Center in conducting Forensic Investigations and Malware Analysis. Activities include comprehensive analysis of computer-related evidence and information stored on a device(s) in support of an investigation. This can include performing Malware Analysis if malicious code is suspected to be involved. The investigative tasks will culminate with written reports written in plain business language that detail the findings of analysis. This analysis feeds into implementing defensive measures to prevent future risks to the enterprise.

Requirements

Active Top Secret clearance or higher (program can support up to TS/SCI)
Current DoD 8570/8140 IAT-II certification.
Current DoD 8570/8140 CSSP IR certification.
Bachelor's degree and 12+ years of prior experience in Digital Forensics, Malware analysis, or Incident Response work. Additional work experience or Cyber courses/certifications may be substituted in lieu of degree.
Demonstrated advanced understanding of various commercial and open-source analysis tools used for digital forensics and malware analysis.
Demonstrated experience with cyber security related technologies (e.g., NIDS, HIDS, IPS, and IDS);
Cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.
Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures (TTPs).
Strong analytical and troubleshooting skills.
Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.

Nice To Haves

IAT-III certification
Demonstrated experience with reverse engineering practices
BA/BS degree in Computer Science, Information Assurance, or Information Systems
Experience with malware analysis concepts and methods.
Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.

Responsibilities

Conducts examinations and performs comprehensive technical analysis of computer-related evidence and information during the conduct of an investigation.
Conducts detailed analysis of potentially infected or confirmed-infected computer systems, including identification of threat vectors, indicators of compromise for future detection, and compromise attribution.
Prepares detailed Forensic or Malware Analysis reports based on analysis of devices in question of the investigation.
Provides technical support to the Incident Handling lifecycle, including proper documentation, triage, containment, eradication, and analysis of network and host-based security events