Technical Exploitation Analyst - Military veterans preferred



  full-time   employee

United States


SAIC is seeking a Technical Exploitation Analyst to support a major program at the National Media Exploitation Center (NMEC) within the National Capital Region.  Duties and responsibilities include providing:

  • Solutions to tracking enemy tactics, techniques, and procedures (TTPs) and exploiting weaknesses in the use of anti-forensic tools.
  • Solutions to registry analysis and correlating results throughout customer holdings for link analysis.
  • Technical exploitation tool and script development.
  • Artifact pattern analysis, exploitation, and cross-set link analysis.
  • Exploitation and cross-set link analysis in the areas of communication tools and methods, social media, and messaging.
  • Solutions in uncommon Operating System exploitation to include Linux, Mac, and mobile device OSs.
  • Emerging technology application analysis and exploitation to prevent technological surprise.
  • Internet history and artifact analysis.
  • Solutions in steganography and other data obfuscation detection and analysis.
  • Identification of the latest forensic and technical exploitation tools and ability to evaluate tools for inclusion into customer’s processes.
  • Cross-collection exploitation to include:
  • Discovery of applications of interest used across sets by target groups.
  • Discovery of tactics, techniques, and procedures employed by target groups.
  • High-quality forensic reports of interest to customers and the Intel Community.
  • Application and internet activities analysis to support source vetting, digital profiling, and other requirements.
  • Reverse-engineering techniques to detect and identify malware.
  • Coordination, enhancement, and promulgation of forensic and technical exploitation standards for forward-deployed customer assets.
  • Technical field support to deployed platforms and operations and potentially deploy in support of contingency operations.
  • Provide expert multi-functional exploitation expertise as required.
  • Coordination with customer operations on technical exploitation platform and training-related issues.
  • Planning, integration, and execution of full-spectrum technical exploitation plans, exercises, training and operations as required.
  • Assistance in the conduct of Site Exploitation (SE) activities as required.
  • Assistance in asset validation and credibility assessments by providing baseline assessments of digital media and cellular telephones.


  • Must have a current/active TS/SCI and be willing and able to pass a CI polygraph prior to starting
  • Requires a Bachelor’s degree in Computer Science or closely related (technical) discipline and at least nine (9) years of related experience, such as computer forensics, DOMEX, reverse engineering, and malware analysis.  4 additional years of experience may be substituted in lieu of degree.
  • Training in and knowledge of intelligence targeting  and all-source analysis
  • Ability to design, implement and document computer forensics services to include evidence seizure, computer forensic analysis, and data recovery.
  • Ability to convey technical information effectively and concisely to a wide range of audiences.
  • Industry standard EnCE, arid ACE, or CCE, or GIAC forensic certifications.
  • Experience in hardware configuration and network/data communications.
  • Experience in software development and scripting.
  • Experience in database technology and database exploitation/forensics.
  • Experience in law enforcement evidence seizure.
  • Experience conducting intelligence analysis, prioritizing work assignments, and writing finished intelligence reports.