Lead Digital Forensic Investigator
Job Description and Duties
The California Department of Justice (DOJ) announces an exceptional career opportunity to work in an exciting program committed to providing outstanding electronic discovery, incident response and digital investigation services to a large, statewide law enforcement agency. The mission of the California Justice Information Services Division, Cybersecurity Branch, Office of Digital Investigations (ODI) is to assist law enforcement and DOJ legal divisions with best-in-class information technology incident response, digital investigation, and forensically sound preservation, acquisition and analysis of complex computing environments.
DOJ is seeking a highly motivated and analytical individual to serve as a non-sworn Lead Digital Forensic Investigator. The ITS II serves as a technical lead for a team of advanced digital forensics investigators, specializing in digital forensics, big data, cloud, Internet of Things (IoT), electronic information systems and social media forensics. The incumbent performs a variety of duties within the digital investigations and cybersecurity incident response lifecycle, as well as the Electronic Discovery Reference Model (EDRM). Activities include digital forensic examinations of computers, servers, networks and other digital devices with the purpose of identifying, collecting, and presenting data for preservation and later introduction as evidence in court or other legal proceedings. The ITS II serves as a Subject Matter Expert (SME) and demonstrates a high level of knowledge pertaining to data storage and management, installation, configuration, security, maintenance, troubleshooting, backup, and recovery, relating to personal computing, application, server, security, storage, and network infrastructure. The incumbent provides technical expertise, support and advice to state and local law enforcement agencies on issues relating to the seizure, operation and forensic examination of information technology, both alone and as lead of a team of digital forensic investigators.
To succeed in this position, it is highly recommended that the candidate be able to demonstrate mastery in the realm of cyber-crime incident response and handling methodologies; understand electronic theory, troubleshooting and use of testing instruments; be proficient in the social dynamics of computer attackers in a global context; possess substantial understanding of procedural law dealing with cyber-crime and digital evidence; and demonstrate expertise in the design, implementation, maintenance, documentation and use of an efficient and effective digital forensic laboratory.
This position requires a high level of confidentiality, as the information the ITS II will have access to can be very private, privileged or sensitive in nature. Willingness to travel throughout the state is a must.
Under general direction, incumbents demonstrate a depth of leadership and expertise in one or more domains. Incumbents perform a wide variety of tasks requiring innovative problem-solving where guidance is not readily available. Incumbents optimize and apply architecture solutions for the benefit of the overall organization and play a major role in advising management or formulating information technology strategy and policy within the organization. Incumbents typically work in the Software Engineering, Information Security Engineering, Information Technology Project Management, or System Engineering domains.
Incumbents may: develop and ensure security solutions and technical artifacts are in place throughout all information technology systems and platforms; monitor and assess security controls, conduct security impact analyses, and report system security statuses; perform risk assessments and recommend information technology solutions; analyze incident-related data and determine the appropriate response; design new technologies, architectures, and solutions that will support security requirements; develop implementation plans including cost-benefit or return on investment analyses; design infrastructure configuration and change management standards or requirements; develop or update project plans for information technology projects; lead and mentor project teams; manage integration of information systems and/or subsystems; manage project(s) to ensure adherence to budget, schedule, and scope; review software architecture and make recommendations regarding technical and operational feasibility; plan, design, and implement the enterprise data models using standardized modeling tools to align technology solutions with business strategies; perform configuration management and release management for system components; verify stability, interoperability, portability, security, or scalability of system architecture; create backup and recovery strategies; conduct disaster and recovery analysis, planning, implementation, and administration for systems; and monitor and conduct audits of system capacity, performance, and traffic analysis.