Host Based Systems Analyst

Gray Tier Technologies

Host Based Systems Analyst

Arlington, VA
Full Time
Paid
  • Responsibilities

    Core Competencies:

    • Uses leading edge technology and industry standard forensic tools and procedures to provide insight into the cause and effect of suspected cyber intrusions
    • Follows proper evidence handling procedures and chain of custody protocols
    • Produces written reports documenting digital forensic findings
    • Determines programs that have been executed, finds files that have been changed on disk and in memory
    • Uses timestamps and logs (host and network) to develop authoritative timelines of activity
    • Finds evidence of deleted files and hidden data
    • Identifies and documents case relevant file-system artifacts (browser histories, account usage and USB histories, etc.)
    • Creates forensically sound duplicates of evidence (forensic image) to use for data recovery and analysis
    • Performs all-source research for similar or related network events or incidents
    • Skill in identifying different classes of attacks and attack stages
    • Knowledge of system and application security threats and vulnerabilities
    • Knowledge in proactive analysis of systems and networks, to include creating trust levels of critical resources

    Requirements

    • (7-9 years host investigations or digital forensics experience with a High school diploma; or a Bachelor's degree in a technical discipline from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline, and with 5-7 years of host-based investigations or digital forensics experience)
    • Proficiency level III includes all skills defined at level II in addition to the following:
    • Assists with leading and coordinating forensic teams in preliminary investigation
    • Plans, coordinates and directs the inventory, examination and comprehensive technical analysis of computer related evidence
    • Distills analytic findings into executive summaries and in-depth technical reports
    • Serves as technical forensics liaison to stakeholders and explains investigation details to include forensic methodologies and protocols
    • Tracks and documents on-site incident response activities and provides updates to leadership throughout the engagement
    • Evaluates, extracts and analyzes suspected malicious code