Host Forensics Analyst IV

Our Partner, as a prime contractor to the Federal Customer, performs investigations to develop a preliminary diagnosis of the severity of breaches. They offer remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. Contract personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. They are seeking Host Forensics Analysts to support this critical customer mission.

Responsibilities

• Assist Federal leads with overseeing and leading forensic teams at onsite engagements by coordinating evidence collection operations
• Provide technical assistance on digital evidence matters and forensic investigative techniques to appropriate personnel when necessary
• Write in-depth reports, support with peer reviews, and provide quality assurance reviews for junior personnel
• Support forensic analysis and mentor/provide guidance to others on data collection, analysis, and reporting in support of onsite engagements
• Assist with leading and coordinating forensic teams in preliminary investigation
• Plan, coordinate, and direct the inventory, examination and comprehensive technical analysis of computer related evidence
• Distill analytic findings into executive summaries and in-depth technical reports
• Serve as technical forensics liaison to stakeholders and explain investigation details to include forensic methodologies and protocols
• Track and document on-site incident response activities and provide updates to leadership throughout the engagement
• Evaluate, extract, and analyze suspected malicious code

Requirements

• U.S. Citizenship
• TS/SCI Clearance
• Must be able to obtain DHS Suitability
• BS Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 10+ years of host or digital forensics experience
• 8+ years of directly relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools
• Ability to create forensically sound duplicates of evidence (forensic images)
• Able to write cyber investigative reports documenting digital forensics findings
• Experience with the analysis and characterization of cyber attacks
• Experience with proper evidence handing procedures and chain of custody protocols
• Skilled in identifying different classes of attacks and attack stages
• Knowledge of system and application security threats and vulnerabilities
• Knowledgeable in proactive analysis of systems and networks, to include creating trust levels of critical resources
• Must be able to work collaboratively across physical locations

Desired Skills

• Proficiency with conducting all-source research
• Experience with or knowledge of two or more of the following tools:
  • EnCase
  • FTK
  • SIFT
  • X-Ways
  • Volatility
  • WireShark
  • Sleuth Kit/Autopsy
  • Splunk
  • Snort
  • Other EDR Tools (Crowdstrike, Carbon Black, Etc.)

Desired Certifications

• GCFA, GCFE, EnCE, CCE, CFCE, CISSP

About Us
For more than 20 years, NewGen Technologies has solved our clients' toughest IT challenges with integrity, security, and outstanding service by delivering both technology and talent. We have helped secure borders, have used artificial intelligence (AI) to fight terror, aided the identification of criminals, and have helped to prevent crime through the introduction of biometrics. Our team of Highly Cleared Specialists have hard-to-find skills and expertise in a wide spectrum of technologies to provide solutions that transform business processes and solve problems of national significance. #CJ