Forensic Computer Analyst
The Inspection Service is seeking to fill a Forensic Computer Analyst position that will be assigned to a National Headquarters related Cybercrime Unit located in Washington, DC focusing on cyber intrusions and specific cyber related forensic investigations.
DUTIES AND RESPONSIBILITIES
- Conducts forensic examinations of digital and other multimedia evidence through the application of scientific practices for the recognition, collection, analysis, and interpretation of digital evidence for criminal and civil law or regulatory purposes.
- Examines and analyzes evidence and interprets scientific observations and data to render conclusions, form opinions and produce reports utilizing a full range of electronic search methods and forensic examination techniques.
- Provides expert witness testimony; produces comprehensive reports and illustrative exhibits for federal, state, and local judicial proceedings at a level sufficient to explain evidence interpretations and conclusions from forensic examinations and scientific data to a lay audience.
- Serves as a subject matter expert and technical advisor in matters relating to the proper collection, preservation, packaging, and submission of digital and multimedia evidence; participates in crime scene evidence collection activities in major field investigations; ensures evidence handling requirements are met.
- Performs ongoing evaluation and validation of laboratory instrumentation and methods, operating protocols, and safety practices under supervision; maintains awareness of safety procedures and identifies possible physical conditions and/or laboratory procedures that may create unsafe conditions.
- Delivers training in laboratory services, evidence collection, crime scene processing and field examination.
- Conducts studies and research for improving forensic analyses, scientific methods, and resolving forensic examination problems.
- Acts as liaison with postal management and federal, state, and local organizations on technical developments, forensic methods, and investigative problems of common interest.
- Analyzes systems to assist with network intrusion and cybersecurity investigations to determine the cause and extent of a breach.
Conditions of Employment
You must be a U.S. Citizen.
This announcement is for one vacancy located at:
900 Brentwood Rd., NE
Washington, DC 20066
- Ability to provide training related to laboratory services, evidence collection, and field examination.
- Knowledge of evidence collection, preservation, packaging and shipment procedures sufficient to serve as a technical advisor in such matters and to ensure evidence handling requirements are met.
- Knowledge of forensic science techniques, laboratory protocols, research methodologies, quality assurance standards and computer forensic and cyber security examination procedures, instrumentation and software sufficient to properly access, preserve, and extract appropriate evidence from a variety of media and conduct detailed and complex analyses and interpretation of the value of evidentiary items.
- Ability to render conclusions/opinions and make recommendations based on forensic practices of recognition, collection, and interpretation of digital and multimedia evidence related to computer forensic examinations.
- EDUCATION/ CERTIFICATION: Bachelor’s degree in computer sciences, forensic science, or a closely related field from a college or university accredited by a national or regional accreditation organization recognized and sanctioned by the U.S. Department of Education. NOTE: Employees in the Forensic Computer Analyst or Forensic Computer Analyst Sr position prior to June 27, 2015 are exempt from this requirement.
- Ability to conduct and document scientific research related to computer forensic examinations.
- Experience as a Cyber Security Incident Responder within a Security Operations Center (SOC) environment.
- Experience performing as a Computer Forensic Examiner in a Law Enforcement or criminal investigative environment.
- Experience performing sound forensic collection techniques to obtain relevant digital media involved in identified cyber intrusions.
- Experience performing forensic examinations on various computer network and endpoint systems involved with cyber intrusion incidents such as, APT, malware, and DDOS attacks.
- Experience leveraging commercially available and open source forensic tools to efficiently perform forensic triage, collection and analysis.
- Experience analyzing malicious code by using static and dynamic reverse engineering techniques and employing industry tools.
- A Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or other related technical degree.
- One of the following Cyber Security or Forensic certifications or other related certifications:
- ENCE, CFCE, GCFE, GCFA, GREM, GNFA, CISSP.
Bachelor’s degree in computer sciences, forensic science, or a closely related field from a college or university accredited by a national or regional accreditation organization recognized and sanctioned by the U.S. Department of Education. NOTE: Employees in the Forensic Computer Analyst or Forensic Computer Analyst Sr position prior to June 27, 2015 are exempt from this requirement.