Vacancy expired!
- Work with the Cyber Analysis and Response team to build a digital forensics capability for the NDIT Cyber Operations Center (CyOC).
- Develop and document processes and procedures for the collection, examination, analysis, and reporting of digital evidence.
- Train and mentor other analysts on the digital forensic process.
- Identify, label, record, and acquire data from various sources of digital evidence while following procedures that preserve the integrity of the data.
- Examine and process digital data using a combination of automated and manual methods to assess and extract data of particular interest, while preserving the integrity of the data.
- Analyze results of examination, using legally justifiable methods and techniques, to derive useful information to address the questions that motivated the forensic examination.
- Report the results of the analysis, including the actions taken, the tools and procedures utilized, and the findings, along with any additional follow-up actions that need to be performed and recommendations for improvement to policies, guidelines, procedures, tools, or other aspects of the forensic process.
- AccessData Forensic Toolkit (FTK)
- AccessData FTK Imager
- AccessData FTK PRTK
- Volatility
- Winpmem
- Autopsy
- Forensics utilizing Linux OS (SIFT Workstation)
- Forensic Recovery of Evidence Device (FRED)
- Tableau Write Blockers
- Cortex XDR (Endpoint, Detection, and Response)
- Methodologies, best practices, industry standards around the digital forensics process including chain of custody and the proper acquisition, examination, analysis, and reporting of digital evidence
- Memory Analysis
- Network Forensics
- PCAP Analysis
- Mobile Forensics
- Cyber Kill Chains
- MITRE ATT&CK Framework
- Development of digital forensic reports and presentation of analysis and findings
- Legality of digital evidence and testifying and working with law enforcement and other stakeholders
- Forensic processes and infrastructure in the cloud