About the Role
Required Skills & Demonstrated Experience
Performing hands-on forensic review of devices to include laptops and mobile devices, using open source or commercial forensic tools, such as EnCase, FTK, X-Ways, Magnet IEF, or BlackLight.
 Handling and imaging various types of evidence from Solid State Drives (SSD), Hard Disk Drives (HDD), Thumb Drives, Volatile Memory, or Compact Discs.
 Extracting and analyzing data from various data sources including files, logs, directories, unallocated space, raw images, and custom databases.
 Parsing data types necessary to extract metadata and content of forensic value from various data sources.
 In-depth understanding of multiple operating systems such as Windows, Linux, iOS, and Android.
 Performing hands-on forensic review or reverse engineering of modern mobile devices such as Google Android or Apple iOS.
 Working with virtualization software and virtualized environments to include ESXi, VMware, or VirtualBox.
 Conducting analysis of identified malicious software or code using both static and dynamic malware analysis.
 Using debuggers and disassemblers such as OllyDbg, WinDbg, IDA Pro, or Binary Ninja.
 Understanding system kernel-level processing to detect and report on significant kernel events such as rootkits, hooked functions, call tables, and data structures.
Desired Skills & Demonstrated Experience
Programming with scripting languages such as Perl, Python, or Bash.
 Sponsor’s enterprise and operational activities, capabilities, and technical development programs.
Sponsor’s information cyber security policies and regulations.
 Risk management standards, Committee on National Security Systems Publication (CNSSP) 1253, Federal Information Processing Standards (FIPS) 140-2, 199, 200, and National Institute of Standards and Technology (NIST) Special Publication 800-37, 800-39, 800-53.