Job Order: J0313-0195 - Permanent Full Time
Title: Senior Digital Forensics Analyst
Category: Consulting / Business / Functional
City: Manassas, Virginia, United States
Job Description: Senior Digital Forensics Analyst
CGI Federal is seeking a qualified, Senior Digital Forensics Analyst to support their Manassas, VA location. The selected candidate will:
- Use of common computer forensic analysis software including but not limited to EnCase and FTK in an incident response capacity.
- Responsible for providing digital forensic support including preservation, authentication, examination, and documentation of electronic evidence.
- Advise non-technical staff on forensic protocols for evidence preservation and production.
- Conduct forensic acquisitions and imaging of digital evidence.
- Assist in the development and maintenance of standard operating procedures for examinations, storage, and analysis.
- Produce high quality oral and written work product presenting complex technical matters clearly and concisely.
- Form and articulate expert opinions based on analysis.
- Conduct complex, forensic examinations and analysis of electronic evidence across a variety of media including workstations, laptops, servers, iPads and cell phones.
- Provide creative and innovative solutions for complex investigative challenges.
- Assist in MalCode analysis when possible, in support of incident analysis and response.
- Perform dynamic analysis of potentially malicious code samples.
This member will support the Security Operations Center (SOC)/Managed Security Service Provider (MSSP) as well as internal incident response investigations. The qualified member will help provide CGI Federal's forensic support to a multitude of commercial and federal customers combatting computer intrusions. The member will also be involved in a wide range of Computer Network Defense (CND) and Information Assurance (IA) activities in support of the SOC.
- Incident response and intruder attack methodologies.
- Information assurance and digital security
- Experience performing computer forensics including detailed technical analysis of media such as Hard Drives, USB Drives and similar media of compromised systems.
- Experience in application of Information Assurance (IA) and Computer Network Defense (CND) concepts, practices, and tools.
- Strong information security/ cyber security background.
- Ability to communicate complex technical and programmatic information, often in the form of verbal and visual operational updates, situation reports, and briefings.
- Self-starter with the ability to work independently with minimal supervision.
- Strong Writing and Presentation Skills.
- Ability to work well in a team setting.
- 5+ years of experience with digital forensic tools, methodologies and protocols.
- Bachelor's degree from an accredited institution.
- Functional experience conducting forensic acquisitions and examinations on a variety of platforms, operating systems and file systems, including: Windows (FAT & NTFS), Mac (HFS+), Linux (EXT2/3), UNIX, NT, and mobile devices.
- Expert level knowledge of forensic software and hardware tools including EnCase, FTK.
- Technical writing capabilities
- Able to read technical information and understand technical information and vulnerabilities
- Experience in Malcode analysis
- Ability to disassemble software, read assembly language, analyze code to determine functionality and identify unique features/attributes, and communicate findings both verbally and written.
- Understanding of the following languages and programs: x86 Assembly, Delphi /Visual Basic, scripting languages, IDA pro, OllyDBG, Sysinternals Suite, Microsoft development tools and debuggers.
- Knowledge and experience with DoD Combatant Commands, Military Services, Agencies, and Field Activities operations and missions.
- Experience interpreting, applying and advising others on DOD IA/CND policies, guidance, and regulations.
- B.S. Degree in computer/engineering related field.
- Compliance with DoD Directive 8570.01 (CISSP or IAM III/ IAT III certification)
- EnCE, CFCE, GCFA certification
- Demonstrated expert-level experience in the use of automated forensic tools (e.g. EnCase, Forensic Toolkit, Paraben Suite), Xways, BlackBag Forensic Suite, Knoppix based tools, etc.) and be able to articulate the processes being performed by these automated forensic tools.
- Ability to quickly learn or have current knowledge of network data and the ability to analyze the resulting data
- Strong technical writing skills desired for report writing
- Ability to assemble PowerPoint briefings rapidly and formally brief leadership on changes and significant events security clearance required
- Information Assurance and Network/Computer Security Experience a plus
- CISSP At CGI, we're a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to 69,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients - and for our members. Come grow with us. Learn more at www.cgi.com.
This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.
We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted.
No unsolicited agency referrals please.
WE ARE AN EQUAL OPPORTUNITY EMPLOYER.
About CGI Group
CGI doesn't generate make-believe worlds, but rather real-life worldwide IT services. The company is the leading...