Digital Media Exploitation Forensic Examiner - Senior (Job Number:437687)
- Develops new tradecraft, work flows, processes, and requirements to maintain and advance the capabilities associated with digital forensic exploitation.
- Develop and maintain Standard Operating Procedures.
- Coordinate with vendors to test and validate new technologies and provide recommendations to government personnel on acquisition and employment.
- Synchronize workforce and priorities provided by government personnel.
- Serves as a source of technical counsel and advice for forensic collection and processing activities.
- Plans, organizes, conducts, and directs data collections and processing.
- Responsible for managing digital forensic examinations through the entire lifecycle (case planning, intake, acquisition, examination, presentation and disposition).
- Operates at a senior level, applying industry accepted digital forensic principles in acquiring, collecting, preserving, and processing structured and unstructured data according to established SOPs, procedures, and protocols.
- Responsible for performing complex, large-scale digital forensic examinations to include collection in a live environment
- Utilizes industry accepted forensic tools and researches and maintains proficiency in tools, techniques, and trends.
- Prepares findings reports.
- Acts as a source of reference for junior analysts and possesses the ability to lead forensic investigations in the field or deployed environment.
- Complies with the standards, policies, and procedures established for the forensic laboratory as it applies to digital evidence.
TYPICAL EDUCATION AND EXPERIENCE:
- Bachelors and six (6) years or more of related experience; Masters and four (4) years or more experience; PhD and 0 years related experience
- Must have a current/active TS/SCI security clearance.
REQUIRED EDUCATION AND EXPERIENCE:
- At least 6 years of technical experience.
- At least 3-5 years of recent experience operating EnCase, FTK, Internet Evidence Finder/Axiom, UFED, Oxygen, and XRY conducting document and media exploitation in the DoD, Intelligence Community (IC), or a Law Enforcement Agency.
- Advanced acquisition experience with JTAG, Chip-off, and Flasher Boxes.
- File system exploitation knowledge and proficiency with iOS, Android, Linux, Windows, and Macintosh.
- Exploitation knowledge and proficiency with registries and volume shadow copies.
- Knowledge, experience, and proficiency operating the Atola, M2, and Volatile memory exploitation.
- Demonstrated experience in the use of forensic tools and the ability to articulate, in detail, the processes being conducted by the automated forensic tools.
- Demonstrated experience in dead box and live data acquisition methodologies.
- Ability to multitask and manage several tasks while delegating tasks to subordinates as needed.
- Ability to learn, operate, and train personnel on biometric enrollments.
- Bachelors or Master’s degree in digital forensics, computer science, mathematics, or associated subject.
- Knowledge of DOMEX processes, Sensitive Site Exploitation, the National and Operational DOMEX communities, and DOMEX IT systems.
- Ability to pass and maintain 1 non-vendor specific Digital Forensic Certification.
- Possess and maintains at least 1 tool-specific Digital Forensic Certification.
SAIC Overview:SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAICs approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see My SAIC Benefits. EOE AA M/F/Vet/Disability
Job Posting: Aug 9, 2018, 10:15:28 AM
Primary Location: United States-NC-FORT BRAGG
Clearance Level Must Currently Possess: Top Secret/SCI
Clearance Level Must Be Able to Obtain: Top Secret/SCI
Potential for Teleworking: No
Travel: Yes, 25% of the time
Shift: Day Job