Digital Forensics Analyst in Arlington, VA at Booz Allen Hamilton Inc.

Date Posted: 5/26/2018

Job Description

Job Number: R0012858

Digital Forensics Analyst

Key Role:
Use leading-edge technology and industry-standard forensic tools and procedures to provide insight into the cause and effect of suspected cyber intrusions. Follow proper evidence handling procedures and chain of custody protocols. Determine programs that have been executed, including finding files that have been changed on disk and in memory. Use timestamps, host and network logs, photographs, and the collection of hash information to develop authoritative timelines of activity. Find evidence of deleted files and hidden data. Identify and document case-relevant file-system artifacts, including browser histories, account usage, and USB histories. Assist with preliminary analysis by tracing an activity to its source and produce documented findings for input into a forensic report.

Basic Qualifications:
-3+ years of experience with digital forensics

-Experience with acquiring or collecting computer artifacts, including malware, user activity, and link files from systems in support of HIRT engagements

-Experience with assessing evidentiary value by triaging electronic devices, correlating forensic findings with network events to further develop an intrusion narrative

-Experience with collecting and documenting system state information, including running processes and network connections prior to imaging

-Experience with performing incident triage from a forensic perspective, including determination of scope, urgency, and potential impact

-Experience with tracking and documenting forensic analysis from initial involvement through final resolution

-Experience with collecting, processing, preserving, analyzing, and presenting computer-related evidence

-Experience in coordinating with other HIRT components and client personnel to validate or investigate alerts or other preliminary findings, conducting analysis of forensic images and other available evidence, and drafting forensic reports for inclusion in HIRT products

-Top Secret clearance
-HS diploma or GED

Additional Qualifications:
-DHS Suitability clearance preferred
-Forensics-related SANS GIAC Certifications and CHFI, CCE, and CCFP Certifications

Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.
