Location: Amarillo, TX
Job Title: Cyber Forensics Analyst
Career Level From: Senior Associate
Career Level To: Senior Specialist
Organization: Chief Information Security Off (50003144)
Job Specialty: Cyber Security
What You'll Do
The Cyber Forensics Analyst is responsible for analyzing digital evidence to investigate internal and external computer security incidents and derive useful information in support of system/network vulnerability mitigation. This role also may include performing digital forensics activities in support of ethics and internal audit investigations.
- Conduct analysis of log files, evidence, and other information to determine best methods for identifying the perpetrator(s) of a network intrusion
- Create a forensically sound duplicate of the evidence (i.e., forensic image) that ensures the original evidence is not unintentionally modified, to use for data recovery and analysis processes
- Decrypt seized data using technical means
- Provide technical summary of findings in accordance with established reporting procedures
- Ensure that chain of custody is followed for all digital media acquired in accordance with the Federal Rules of Evidence
- Perform file signature, static media, and malware analysis
- Extract data using data carving techniques
- Use specialized equipment and techniques to catalog, document, extract, collect, package, and preserve digital evidence
- Perform Windows registry analysis
- Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise
- Additional responsibilities as necessary
What You Can Expect
- Meaningful work and unique opportunities to support missions vital to national and global security
- Top-notch, dedicated colleagues
- Generous pay and benefits with a stable organization
- Career advancement and professional development programs
- Work-life balance fostered through flexible work options and wellness initiatives
Minimum Job Requirements
Bachelor's degree in Computer Science, Information Security, Information Systems or a related field with a minimum of 2 years of relevant experience.
Ten or more years of relevant education, training, and/or progressive experience may be considered to satisfy educational and years-of-experience requirements for this posting.
- Knowledge of cyber threats and vulnerabilities
- Knowledge of operating systems and file system implementations
- Knowledge of physical computer components and architectures, including the functions of various components and peripherals
- Knowledge of incident response and handling methodologies
Preferred Job Requirements
- Ability to conduct forensic analyses in both Windows and Unix/Linux environments
- Knowledge of processes for seizing and preserving digital evidence, including legal governance related to admissibility (e.g., Rules of Evidence)
- Knowledge of hacking methodologies
- Knowledge in analyzing memory dumps to extract information
- Knowledge of encryption algorithms
- Experience using forensic tool suites (e.g., EnCase and FTK)
- Ability to perform both bit-level analysis and packet-level analysis
- Experience with analyzing malware and identifying anomalous code as malicious or benign
- Experience with reverse engineering concepts
- Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems
- Ability to identify obfuscation techniques
- Ability to perform Windows registry analysis
- Ability to use virtual machines and decrypt digital data collections
- Strong problem solving and communication skills (both orally and in writing)