
Forensics Analyst Skill - Level 2 (TS/SCI w/Full Scope Poly)

Annapolis Junction/Fort Meade, Maryland · Information Technology
The Kenjya-Trusant Group is seeking a Forensics Analyst - Level 2 to support a Government contract in the Annapolis Junction, MD area.

THIS POSITION IS CONTINGENT UPON CONTRACT AWARD

SECURITY REQUIREMENT: TS/SCI w/Full Scope Poly

Job Description:
  • Serves as a Cyber Forensics Analyst responsible for conducting detailed digital forensics and host-based analysis, including imaging, digital media processing, memory capture, and data log analysis.
  • Locates and identifies digital evidence.
  • Extracts and carves files from collected evidence.
  • Analyzes intrusion techniques and tradecraft.
  • Assists in root cause and attribution analysis.
  • Identifies, collects, and analyzes relevant host-based artifacts.
  • Maintains cyber hygiene of forensic media and analysis environment.
  • Supports chain of custody throughout incident lifecycle.
  • Configures and utilizes virtualized and/or forensics computer system environments.

REQUIRED CAPABILITIES:
  • Create and maintain chain-of-custody documentation throughout incident response.
  • Perform forensically sound evidence collection and analysis.
  • Provide technical summary of findings in accordance with established reporting procedures.
  • Knowledge of host communications, to include common ports and default services of common operating systems.
  • Collect and review artifacts (such as media, live system memory, images, equipment, network traffic, logs, or software).
  • Conduct initial analysis of log files, evidence, and other information.
  • Perform file system forensic analysis to include recovery of hidden and deleted content such as pagefiles, volume shadow copies, or unallocated space.
  • Utilize appropriate tools to decrypt seized data from sources such as full disk encryption and collected malware.
  • Carve data using manual techniques and tools such as Forensic Tool Kit (FTK), EnCase, and other open-source tools and scripts.
  • Generate, research, and identify content based on file hashes.
  • Search and analyze Windows registry-related content.
  • Perform forensic incident handling tasks (such as forensic collections, host analysis, intrusion correlation and tracking, threat analysis, and direct system remediation) as part of flyaway Incident Response Teams (IRTs).
  • Perform file signature and timeline forensics analysis.
  • Recognize obfuscation and encryption detection techniques and understand applicable decoding methods to advance evidence processing during analysis.
  • Possess knowledge of data carving tools and techniques to include restoring deleted artifacts from unallocated disk storage and from system memory (RAM).
  • Detect anti-forensics techniques and tactics.

QUALIFICATIONS:
  • Two (2) years of demonstrated experience as a Cyber Forensics Analyst in programs of similar scope, type and complexity is required.
  • Two (2) years of demonstrated experience using at least two forensic tool suites similar to EnCase, Sleuthkit, FTK, X-WAYS, REKALL, or Axiom.
  • Three (3) years of demonstrated experience working on Windows and Linux operating systems as a Systems Administrator or in Software Development and Information Technology Systems (DevOps).
  • Requires DoD 8570 compliance with CSSP Incident Responder baseline certification, Information Assurance Technical (IAT) Level II or Level III certification, and Computing Environment (CE) certification. The CE certification requirements can be fulfilled with either Microsoft OS or CentOS/Red Hat OS CE certifications.
  • Requires Global Information Assurance Certification Forensic Analyst (GCFA) or Global Information Assurance Certification Forensic Examiner (GCFE).


 
 
THE KENJYA-TRUSANT GROUP, LLC is a Service-Disabled Veteran-Owned Small Business that was established in 2015 as a merger between The Kenjya Group, Inc. and Trusant Technologies, LLC. Our mission is to implement, support and protect the nation’s advanced technology systems, business processes and high-technology facilities. Working with the Department of Defense, Department of Homeland Security, the Intelligence Community, state and local governments, and commercial clients, Kenjya-Trusant provides cyber protection, information technology, engineering, construction management and acquisition support services. We are a small company with big company benefits, including Health, Dental, Vision, 401K, Bonus Potential, Flexible Spending Account, Life Insurance, Short- and Long-Term Disability, Paid Time Off, and a culture of teamwork and continuous learning. Come grow with us!
 


  
 
