Host Forensics Analyst

Host Forensics Analyst supporting DHS HIRT investigations onsite in Arlington, VA. Responsibilities include overseeing and leading forensic teams at onsite engagements, coordinating data collection and forensic techniques, producing in-depth cyber investigative reports with peer reviews, mentoring junior personnel, guiding data collection, analysis and reporting for onsite engagements, directing inventory, examination and technical analysis of computer systems and digital artifacts, distilling analytic findings into executive summaries and technical reports, acting as liaison to stakeholders to explain methodologies and protocols, and tracking on-site activities for leadership updates. Travel to incident locations in the United States, Territories & Possessions and perform forensic analysis including extraction and analysis of suspected malicious code. Required skills include U.S. Citizenship, active TS/SCI clearance, ability to obtain DHS Suitability, 8+ years in cyber forensics, forensic imaging, and reporting, experience with cyber-attack analysis, asset preservation procedures, and knowledge of security threats; preferred tools include EnCase, SIFT, X-Ways, Volatility, WireShark, Sleuth Kit/Autopsy, Splunk, SIEMs, EDR tools; education: BS in Computer Science/Cybersecurity/Computer Engineering or related field (or HS Diploma with 10+ years of experience); relevant certifications such as GCFA, GCFE, EnCE, CCE, CFCE, CISSP.