Technical Exploitation Analyst
- Military veterans preferred
2019-06-21 SAIC (www.saic.com)
Bethesda Maryland 20816 United States
SAIC is seeking a Technical Exploitation Analyst to support a major program at the National Media Exploitation Center (NMEC) within the National Capital Region. Duties and responsibilities include providing:
Solutions to tracking enemy tactics, techniques, and procedures (TTPs) and exploiting weaknesses in the use of anti-forensic tools.
Solutions to registry analysis and correlating results throughout customer holdings for link analysis.
Technical exploitation tool and script development.
Artifact pattern analysis, exploitation, and cross-set link analysis.
Exploitation and cross-set link analysis in the areas of communication tools and methods, social media, and messaging.
Solutions in uncommon Operating System exploitation to include Linux, Mac, and mobile device OSs.
Emerging technology application analysis and exploitation to prevent technological surprise.
Internet history and artifact analysis.
Solutions in steganography and other data obfuscation detection and analysis.
Identification of the latest forensic and technical exploitation tools and ability to evaluate tools for inclusion into customer’s processes.
Cross-collection exploitation to include:
Discovery of applications of interest used across sets by target groups.
Discovery of tactics, techniques, and procedures employed by target groups.
High-quality forensic reports of interest to customers and the Intel Community.
Application and internet activities analysis to support source vetting, digital profiling, and other requirements.
Reverse-engineering techniques to detect and identify malware.
Coordination, enhancement, and promulgation of forensic and technical exploitation standards for forward-deployed customer assets.
Technical field support to deployed platforms and operations, with potential deployment in support of contingency operations.
Multi-functional exploitation expertise as required.
Coordination with customer operations on technical exploitation platform and training-related issues.
Planning, integration, and execution of full-spectrum technical exploitation plans, exercises, training and operations as required.
Assistance in the conduct of Site Exploitation (SE) activities as required.
Assistance in asset validation and credibility assessments by providing baseline assessments of digital media and cellular telephones.
Must have a current/active TS/SCI and be willing and able to pass a CI polygraph prior to starting.
Requires a Bachelor’s degree in Computer Science or closely related (technical) discipline and at least nine (9) years of related experience, such as computer forensics, DOMEX, reverse engineering, and malware analysis. 4 additional years of experience may be substituted in lieu of a degree.
Training in and knowledge of intelligence targeting and all-source analysis.
Ability to design, implement and document computer forensics services to include evidence seizure, computer forensic analysis, and data recovery.
Ability to convey technical information effectively and concisely to a wide range of audiences.
Industry standard EnCE, and ACE, or CCE, or GIAC forensic certifications.
Experience in hardware configuration and network/data communications.
Experience in software development and scripting.
Experience in database technology and database exploitation/forensics.
Experience in law enforcement evidence seizure.
Experience conducting intelligence analysis, prioritizing work assignments, and writing finished intelligence reports.