Senior Digital Forensics Analyst - Military veterans preferred

2020-10-17
ManTech (www.mantech.com)
Other

/yr

  full-time   employee


Bethesda
Maryland
20817
United States

Secure our Nation, Ignite your Future

Currently, ManTech is seeking a motivated, mission oriented Senior Digital Forensics Analyst specialized in advanced MEDEX and Technical Exploitation capabilities to join our team in the Bethesda, MD.

Responsibilities include, but are not limited to:

  • Bit-level device acquisition of PC’s, Mac’s, smartphones and other devices.
  • Expert level knowledge of solutions tracking enemy TTPs and exploiting weaknesses in the use of anti-forensic tools.
  • Advanced or Expert technical exploitation tool and script development, artifact pattern analysis, exploitation, and cross set link analysis of digital media ranging from dumb phones, smartphones, Mac's, Windows PC's, Linux PC's and other devices.
  • Advanced Technical Exploitation capabilities to include: Various Operating Systems and file systems, internet history analysis, registry analysis, application analysis, and database analysis. 
  • Provide expert-level capability in hardware configuration, network/data communications, software development, scripting, and database exploitation.
  • Researching emerging trends, capabilities, and technology.
  • Comfortable executing Python scripts, SQL queries, and other CLI commands.
  • Advanced Technical Exploitation capabilities to include:
    • Expertise in various operating systems and file systems,
    • Analysis and exploitation to include pattern recognition and cross set link analysis of forensic artifacts to include but not limited to internet history, registry, applications, virtual machines, backups, databases, and communications such as messaging and social media.
  • Provide global Technical Exploitation response capabilities to include:
    • Pattern of life and behavioral analysis through media examinations.
    • Provide deployable technical exploitation personnel to meet DOD & partner contingency requirements
    • Provide expert multi-functional exploitation expertise as required
    • Coordinate with customer operations on technical exploitation platform & training related issues.

Position Requirements:

  • Bachelor’s degree in Science, Technology, Engineering and Mathematics (STEM) discipline preferred and a minimum of eight years of demonstrated technical exploitation experience and skills such as computer forensics, technical exploitation, reverse engineering, and/or malware analysis.
  • Industry standard forensic certifications such as: EnCase Certified Examiner (EnCE), AccessData Certified Examiner (ACE), Certified Computer Examiner (CCE), or EC-Council, ISACA, (ISC)2, & GIAC related forensic certifications.
  • Must be Department of Defense (DoD) 8570 Compliant, IAT Level II or ability to obtain within six months from starting.
  • Experience and/or certified in two or more of the following commercial forensic tools: Axiom, EnCase, X-Ways, Blackbag, Physical Analyzer, and Oxygen.
  • Ability to design, implement and document computer forensics services to include evidence seizure, computer forensic analysis and data recovery.
  • Ability to convey technical information effectively and concisely to a wide range of audiences to include; presentations, briefing, and technical intelligence reports.
  • Willing to travel CONUS and/or OCONUS on TDY to include war zones.
  • Must meet CENTCOM physical and physiological deployment requirements to include carrying a weapon, before commencement of work.

Security Requirements:

  • Must possess an active TS/SCI clearance w/ a Counterintelligence (CI) Polygraph.

Highly Desired Experience:

  • Experience in intelligence reporting, investigations, and/or targeting a plus.
  • Experience conducting link analysis and Pattern of Life studies.
  • Experience writing Python scripts and SQL queries preferred.
  • Experience in hardware and/or firmware exploitation.

Physical Requirements:

  • Must be able to remain in a stationary position 50%.
  • Constantly positions self to maintain computers in the lab, including under the desks and in the server closet.
  • Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.
  • Must be able to detect, Determine, Perceive, Identify, Recognize, Judge, Observe, Inspect, Estimate, & Assess.
  • The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.

#LI-AF1

ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.