Cyber Host Forensic Analyst III with Security Clearance

About This Role

Join Nightwing to support U.S. Government customers in providing onsite incident response to cyber-attacks for civilian Government agencies and critical asset owners. This role involves leading forensic teams, conducting in-depth analyses, and developing mitigation plans to restore services.

Responsibilities

• Assist Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating evidence collection operations
• Provide technical assistance on digital evidence matters and forensic investigative techniques to appropriate personnel
• Write in-depth reports, support peer reviews and provide quality assurance reviews for junior personnel
• Support forensic analysis and mentor/provide guidance on data collection, analysis, and reporting in support of onsite engagements
• Assist with leading and coordinating forensic teams in preliminary investigation
• Plan, coordinate and direct the inventory, examination and comprehensive technical analysis of computer-related evidence
• Distill analytic findings into executive summaries and in-depth technical reports
• Serve as technical forensics liaison to stakeholders and explain investigation details including forensic methodologies and protocols
• Track and document on-site incident response activities and provide updates to leadership throughout the engagement
• Evaluate, extract and analyze suspected malicious code

Requirements

• U.S. Citizenship
• Active TS/SCI clearance
• Ability to obtain DHS Suitability
• 8+ years of directly relevant experience in cyber forensic investigations
• Ability to create forensically sound duplicates of evidence
• Ability to write cyber investigative reports documenting digital forensics findings
• Experience with the analysis and characterization of cyber attacks
• Experience with proper evidence handing procedures and chain of custody protocols
• Skilled in identifying different classes of attacks and attack stages
• Knowledge of system and application security threats and vulnerabilities
• Knowledgeable in proactive analysis of systems and networks, to include creating trust levels of critical resources
• Ability to work collaboratively across physical locations

Qualifications

• BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 10+ years of host or digital forensics experience
• 8+ years of directly relevant experience in cyber forensic investigations using leading-edge technologies and industry-standard forensic tools

Nice to Have

• Experience with or knowledge of EnCase, FTK, SIFT, X-Ways, Volatility, WireShark, Sleuth Kit/Autopsy, Splunk, Snort, or Other EDR Tools (Crowdstrike, Carbon Black, Etc)
• Proficiency with conducting all-source research

Skills

* Required skills