Digital Forensics / Focused Operations Analyst (CND-AU)

Location: Springfield, VA
Date Posted: 07-29-2018

Clearance Required: Must be a U.S. Citizen and possess a current and active TS/SCI clearance granted by the Department of Defense or an Intelligence Community agency. Must be able to pass a Counterintelligence (CI) Polygraph.

Assured Consulting Solutions provides strategic and innovative solutions for customer needs across the business, technology, and organizational spectrum. As a member of our team, you will have the chance to work with customers that are both Government and industry leaders and technology innovators.
We are seeking a highly motivated Digital Forensics / Focused Operations Analyst to join our team.

Responsibilities include, but are not limited to:
  • Must have experience reading and analyzing packet traces and raw log dumps.
  • Must have experience creating digital forensics reports.
  • Must have experience performing advanced forensics collection techniques, reading and analyzing packet traces and raw log dumps.
  • Must have working knowledge of reverse engineering techniques using debugging software, and behavioral analysis techniques.
  • Must have working knowledge of how to parse through multiple gigabytes of log data utilizing native Unix/Linux command line tools.
  • Must have working knowledge of how to create and run scripts that will collect and analyze logs.
  • Must have experience and a thorough understanding of enterprise digital forensics concepts (including validation and sterilization) as well as true digital forensics beyond push-button examinations.
  • Must have experience thoroughly analyzing enterprise networks as well as dead box forensics.
  • Must have experience thoroughly analyzing Linux/Unix/Windows operating systems.
  • Must have experience thoroughly analyzing TCP/IP and PCAP.
  • Must possess excellent verbal and written communications skills and the ability to produce clear and thorough security incident reports and briefings.
  • Must possess a working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks. A conceptual understanding of Windows Active Directory is also required.
  • Must possess a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.)
  • Must have experience working with various event logging systems and must be proficient in security event log review and analysis. Previous experience with Security Information and Event Monitoring (SIEM) platforms, such as ArcSight, that perform log collection, analysis, correlation, and alerting is also required.
Required Qualifications:
  • CND-AU Certification (CEH preferred)
Education Qualifications:
Bachelor's degree (in Engineering, Computer Science or related field) or equivalent, Master's degree preferred
Years of Experience:
At least five years of experience in leading and managing large scale IT projects with competing resource and project schedules

Position Type: Full-Time

Shift: Day