Intrusion Examiner

Responsibilities

Peraton is looking for a Digital Forensic Examiner to analyze electronic media in support of the Defense Cyber Crime Center (DC3) focused on cybersecurity investigations and operations.  Using a wide variety of forensic tools, the Digital Forensic Analyst examines forensic images of servers and clients (physical and virtual) of varying operating systems to determine and extensively report on the presence of malicious activity and artifacts.

 

Conducts digital media investigations and operations. Examines the hard drives of computers, storage devices, cell phones, PDAs, or any electronic device that may hold evidence that could be used in a court of law. Performs forensic analysis of digital information and gathers and handles evidence. Performs a variety of forensic and electronic discovery services, including digital evidence preservation, forensic analysis, data recovery, tape recovery, electronic mail extraction, and database examination. Uses forensically sound procedures to identify network computer intrusion evidence and identifies perpetrators. Employs forensic tools and techniques to support investigation of computer fraud or other electronic crimes, crack files and system passwords, detects steganography and recovers deleted, fragmented, and corrupted data from digital media of all types. Observes proper evidence custody and control procedures, documents procedures and findings in a manner suitable for courtroom presentation and prepares comprehensive written notes and reports. May be required to testify in federal/military court as expert witnesses.

Qualifications

Qualifications:

• Requires a BA/BS in Computer Science, Forensic Science or related fields with 8-10 years relevant experience; or 6-8 years’ experience with MS/MA; or 3-5 years with PhD.
• At minimum, 5 years’ experience conducting digital forensics on varying media sources to include; disk images, host-based and/or network logs, physical and virtual disk media within Windows and/or Linux operating system environments.
• Demonstrated experience in the field of digital media forensics using forensics tools such as: EnCase, Forensic Toolkit (FTK), and/or X-Ways.
• Experience identifying and reconstructing malicious activity to distinguish and pattern anomalous events from authorized device usage through logical and/or deleted artifact sources.
• Understanding of common cyber-attack methodologies and exploit techniques in alignment with the cyber kill-chain.
• Ability to research and apply effective indicators of compromise (IOC) to correlate vulnerabilities of known cyber-attack techniques employed during host-based exploitation.
• Familiarity in host-based security log parsing to include Windows Events and/or Linux audit log data sources.
• Experience analyzing and parsing Windows or Linux web service logs via command-line tools and techniques to isolate relevant audited events having been captured.
• Familiarity with client security and/or anti-virus clients’ application logs for threat detections.
• Knowledge and experience of virtual environments and network protocols and topologies.
• Understanding of NTFS and/or ext file systems in respect to their artifact source surface areas.
• Demonstrate and understand how to effectively apply investigative methodology throughout forensic examinations.
• Strong ability to work independently as well as collaboratively as part of a team as required under deadline driven environment.
• Strong writing with experience producing professional report deliverables clearly and concisely articulating relevant forensic analysis findings.
• Strong communicative and professional skills interacting with customers and team members.
• Strong ability to exercise initiative, problem-solving and critical thinking.
• Strong attention to detail required.
• Requires Top Secret/SCI clearance

Desired Skills:

• 5 years of experience with Windows system administration, to include Windows server and network infrastructure.
• Cloud Forensics experience.

 

Preferred Additional Skills

• One or more related certifications such as the GIAC, EnCE, CFCE, CCE, CISSP, DOD.
• Knowledge of a programming or scripting language.
• Incident Response experience.
• Mobile iOS and Android device analysis.

Peraton Overview

Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our employees do the can’t be done, solving the most daunting challenges facing our customers.

Target Salary Range

$86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors.

Salary : $86,000 - $138,000