Digital Forensics Analyst/Investigator
Designed by analysts but built for the entire team (security operations, threat intelligence, incident response and security leadership), ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. Founded in 2011, the company started servicing government agencies on specialized cybersecurity contracts while building its platform. Officially launched in 2013, the ThreatConnect Platform has grown to more than 20,000 users worldwide. Whether you want to work on building a world-class security platform or as a member of the services team, you will enjoy a career that truly makes an impact. For more information on the benefits of working at ThreatConnect, visit www.threatconnect.com/careers
- Perform forensic analysis on all common operating system environments, to include, but not limited to, Microsoft Windows, Mac OS, UNIX, Linux, Solaris, as well as embedded systems.
- Analyze digital media (logs, code, phones, hard drives, memory dumps, etc.) to determine attack vectors and develop mitigation techniques.
- Identify possible threats based on analysis of digital media.
- Maintain readiness to divert and deploy teams of contract resources to provide on‐site support and assistance in the event of an exercise or cyber incident.
- Develop and disseminate engagement reports, technical reports and briefs based on analytic findings.
- Identify and document tactics, techniques and procedures used by an attacker to gain unauthorized access.
- Develop procedures and processes to analyze and categorize digital media.
- Follow industry standard forensic best practices while imaging, preserving, transporting and handling electronic data and associated physical devices.
- Participate in inter‐agency sponsored community of interest analysis groups, conduct and participate in technical briefings and exchanges.
- Communicate, coordinate and share information and work closely with NCCIC and other HIRT components.
- Develop tips, indicators, warnings and actionable information.
- Support the development of performance metrics.
- Adhere to the CONOPS and SOPs of the HIRT and Digital Forensics Group (DFG).
- Assist with preservation and duplication of original media obtained from customers.
- Assist with maintaining the readiness of all DFG fly‐away kits, storage media and forensic VM analyst images.
- Assist with maintaining DFG computer equipment and software licensing.
- Bachelor’s Degree
- Active Top Secret Security Clearance with the ability to obtain a TS/SCI is required. In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.
- Familiarity with at least one of the following tools: EnCase, Forensic Toolkit, Autopsy/Sleuthkit
- Knowledge of investigative methods to locate specific electronic data.
- Proficiency in the latest cyber forensics, response, and reverse engineering skills and understanding of the latest exploit methodologies.
- 10 Paid Federal Holidays
- Accrued Paid Time Off (PTO) for vacation/sick time
- Your birthday off
- Employee recognition program with quarterly awards
- Employee referral program
- Military leave options available
- Education reimbursement program for job-related college courses and professional training
- Company-provided refreshments at our headquarters
- Quarterly events with your geographic team
- Annual company party
- Medical premiums for individuals and families are 100% covered
- Prescription drug coverage
- Dental coverage
- Vision coverage
- Company-paid short term and long term disability
- Company-paid insurance and AD&D coverage
- 401K retirement savings plan with company matching program up to 6%
- Health Savings Account
- Flexible Spending Accounts (medical, dependent care, transit and parking)
- Cell phone stipend