Company Overview

For 29 years, clients in the private and public sectors have relied upon SOS International LLC (SOSi) for critical operations in the world’s most challenging environments. SOSi is privately held, was founded by its current ownership in 1989, maintains corporate headquarters in Reston, VA, and specializes in providing logistics, construction, training, intelligence, and information technology solutions to the defense, diplomatic, intelligence and law enforcement communities.

All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.


5-180918-7832: Digital Forensics Analyst
LocationU.S. - Virginia - Arlington
Open Date9/18/2018
  
JOB DESCRIPTION

STG, Inc., a wholly owned subsidiary of SOS International LLC (SOSi), is seeking a Digital Forensics Analyst to support the Department of Homeland Security in Arlington, VA. The selected applicant will become part of the United States Computer Emergency Readiness Team (US-CERT), responsible for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities.



ESSENTIAL JOB DUTIES

  • Perform forensic analysis on all common operating system environments, to include, but not limited to, Microsoft Windows, Mac OS, UNIX, Linux, Solaris, as well as embedded systems. 

  • Analyze digital media (logs, code, phones, hard drives, memory dumps, etc.) to determine attack vectors and develop mitigation techniques. 
    Identify possible threats based on analysis of digital media. 

  • Maintain readiness to divert and deploy teams of contract resources to provide on-site support and assistance in the event of an exercise or cyber incident. 

  • Develop and disseminate engagement reports, technical reports and briefs based on analytic findings. 

  • Identify and document tactics, techniques and procedures used by an attacker to gain unauthorized access. 

  • Develop procedures and processes to analyze and categorize digital media. 

  • Follow industry standard forensic best practices while imaging, preserving, transporting and handling electronic data and associated physical devices. 

  • Participate in inter-agency sponsored community of interest analysis groups, conduct and participate in technical briefings and exchanges. 

  • Communicate, coordinate and share information and work closely with NCCIC and other HIRT components. 

  • Develop tips, indicators, warnings and actionable information. 

  • Support the development of performance metrics. 

  • Adhere to the CONOPS and SOPs of the HIRT and Digital Forensics Group (DFG).

  • Assist with preservation and duplication of original media obtained from customers. 

  • Assist with maintaining the readiness of all DFG fly-away kits, storage media and forensic VM analyst images. 

  • Assist with maintaining DFG computer equipment and software licensing. 

MINIMUM REQUIREMENTS
  • Security Clearance: Top Secret Security Clearance with the ability to obtain a TS/SCI is required. In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.

  • Education: Bachelors Degree in a related field.

  • Certifications: Security+ or other industry standard certifications

  • This position may be filled at multiple grades based on experience:  Minimum of 2 years related technical experience for a level 2 role, minimum of 5 years related technical experience for a level 3 role, minimum of 9 years related technical experience for a level 4 role, or minimum of 15 years related technical experience for a level 5 role.

  • Familiarity with at least one of the following tools: EnCase, Forensic Toolkit, Autopsy/Sleuthkit

  • Knowledge of investigative methods to locate specific electronic data.

  • Proficiency in the latest cyber forensics, response, and reverse engineering skills and understanding of the latest exploit methodologies.

ADDITIONAL INFORMATION

PREFERRED QUALIFICATIONS

  • Current active DHS SCI and EOD

  •  Forensics certification(s) in EnCE, CCE, CFCE, and/or GCFA