2022-05-10
ManTech (www.mantech.com)
Other
/yr
full-time
employee
Bethesda
Maryland
20817
United States
Where applicable, confirmation that you meet customer requirements for facility access which may include proof of vaccination and/or attestation and testing, unless an accommodation has been approved.
Secure our Nation, Ignite your Future
ManTech provides mission-focused technology solutions and services for U.S. defense, intelligence and federal civilian agencies. In business for more than 52 years, we excel in full-spectrum cyber, data collection & analytics, enterprise IT, and systems and software engineering solutions that support national and homeland security.
The Technical Exploitation Support Services team is critical in supporting DoD, Federal, and IC partners’ Global War on Terrorism efforts by providing state of the art technical exploitation and collection capabilities in digital media exploitation triage and automation, advanced technical Media Exploitation (MEDEX), and advanced Mobile Device Exploitation. Activities include digital forensics activities, software reverse engineering, hardware exploitation, parser development, reverse engineering, mobile applications development and engineering, and technical exploitation (collection, transmission, prioritization translation, and analysis and dissemination of materials).
Currently, ManTech is seeking a Lead Digital Forensics Analyst (SME) specialized in advanced MEDEX and Technical Exploitation capabilities to join our team at the Intelligence Community Campus-Bethesda, MD.
Responsibilities include, but are not limited to:
• Bit-level device acquisition of PC’s, Mac’s, smartphones and other devices.
• Expert level knowledge of solutions tracking enemy TTPs and exploiting weaknesses in the use of anti-forensic tools.
• Advanced or Expert technical exploitation tool and script development, artifact pattern analysis, exploitation, and cross set link analysis of digital media ranging from dumb phones, smartphones, Mac's, Windows PC's, Linux PC's and other devices.
• Advanced Technical Exploitation capabilities to include: Various Operating Systems and file systems, internet history analysis, registry analysis, application analysis, and database analysis.
• Provide expert-level capability in hardware configuration, network/data communications, software development, scripting, and database exploitation.
• Researching emerging trends, capabilities, and technology.
• Comfortable executing Python scripts, SQL queries, and other CLI commands.
• Advanced Technical Exploitation capabilities to include:
• Expertise in various operating systems and file systems,
• Analysis and exploitation to include pattern recognition and cross set link analysis of forensic artifacts to include but not limited to internet history, registry, applications, virtual machines, backups, databases, and communications such as messaging and social media.
• Provide global Technical Exploitation response capabilities to include:
• Pattern of life and behavioral analysis through media examinations.
• Provide deployable technical exploitation personnel to meet DOD & partner contingency requirements
• Provide expert multi-functional exploitation expertise as required
• Coordinate with customer operations on technical exploitation platform & training related issues.
Basic Qualifications:
• Bachelor’s degree in Science, Technology, Engineering and Mathematics (STEM) discipline preferred and a minimum of 7 or more years of demonstrated technical exploitation experience and skills such as computer forensics, technical exploitation, reverse engineering, and/or malware analysis.
• Industry standard forensic certifications such as: EnCase Certified Examiner (EnCE), AccessData Certified Examiner (ACE), Certified Computer Examiner (CCE), or EC-Council, ISACA, (ISC)2, & GIAC related forensic certifications or obtain a certification within the first 6 months of employment.
• Department of Defense (DoD) 8570 Compliant, IAT Level II or obtain within one week of hire..
• Experience and/or certified in two or more of the following commercial forensic tools: ACE, Axiom, EnCase, X-Ways, Blackbag, Physical Analyzer, and Oxygen.
• Ability to design, implement and document computer forensics services to include evidence seizure, computer forensic analysis and data recovery.
• Ability to convey technical information effectively and concisely to a wide range of audiences to include; presentations, briefing, and technical intelligence reports.
• Willing to travel CONUS and/or OCONUS on TDY to include war zones.
• Meet CENTCOM physical and physiological deployment requirements to include carrying a weapon, before commencement of work.
Preferred Qualifications:
• Experience in intelligence reporting, investigations, and/or targeting a plus.
• Experience conducting link analysis and Pattern of Life studies.
• Experience writing Python scripts and SQL queries preferred.
• Experience in cross collection exploitation and analysis to include:
• Discovery of applications of interest used across sets by target groups.
• Discovery of tactics, techniques, and procedures employed by target groups.
• Experience in hardware and/or firmware exploitation.
Security Clearance Requirements:
• Active TS/SCI clearance with a Counterintelligence (CI) Polygraph or obtain a CI Polygraph before the start date.
Physical Requirements:
• Must be able to remain in a stationary position 50%.
• Constantly positions self to maintain computers in the lab, including under the desks and in the server closet.
• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.
• Must be able to detect, Determine, Perceive, Identify, Recognize, Judge, Observe, Inspect, Estimate, & Assess.
• The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.
#LI-DU1
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.
