Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Host Based Systems Analyst

Param Solutions

Host Based Systems Analyst

Arlington, VA
Full Time
Paid
  • Responsibilities

    CLEARANCE REQUIREMENT: MUST HAVE AN ACTIVE TS SCI.

    CORE COMPETENCIES:

    • Follows proper evidence handling procedures and chain of custody protocols.
    • Produces written reports documenting digital forensic findings.
    • Determines programs that have been executed, finds files that have been changed on disk and in memory.
    • Uses timestamps and logs (host and network) to develop authoritative timelines of activity.
    • Finds evidence of deleted files and hidden data.
    • Identifies and documents case-relevant file-system artifacts (browser histories, account usage and USB histories, etc.).
    • Creates forensically sound duplicates of evidence (forensic image) to use for data recovery and analysis.
    • Performs all-source research for similar or related network events or incidents.
    • Skill in identifying different classes of attacks and attack stages.
    • Knowledge of system and application security threats and vulnerabilities.
    • Knowledge in proactive analysis of systems and networks, to include creating trust levels of critical resources.

    REQUIRED SKILLS:

    • Must be able to obtain a TS/SCI clearance.
    • 4-6 years host investigations or digital forensics experience with a High school diploma; or a Bachelor's degree in a technical discipline from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline, and with 2-4 years of host-based investigations or digital forensics experience.
    • Solid leadership and communication skills. Able to lead activities and, also work as an individual contributor.
    • Experience establishing and maintaining good working relationships in all levels of the organization, including customers, organizations, internal management, and support.
    • Experience with standard security principles, policies, standards, and industry best practices.

    BASIC QUALIFICATION:

    4-6 years host investigations or digital forensics experience with a High school diploma; or a Bachelor's degree in a technical discipline from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline, and with 2-4 years of host-based investigations or digital forensics experience.

    Proficiency level III includes all core competencies as listed above, in addition to the following:

    • Acquires/collects computer artifacts (e.g., malware, user activity, link files, etc.) from systems in support of onsite engagements.
    • Assesses evidentiary value by triaging electronic devices.
    • Correlates forensic findings with network events to further develop an intrusion narrative.
    • When available, collects and documents system state information (running processes, network connections, etc.) prior to imaging.
    • Performs incident triage from a forensic perspective to include determination of scope, urgency, and potential impact.
    • Tracks and documents forensic analysis from initial involvement through final resolution.
    • Collects, processes, preserves, analyzes, and presents computer-related evidence.
    • Coordinates with others within the Government and with customer personnel to validate/investigate alerts or other preliminary findings.
    • Conducts analysis of forensic images and other available evidence and drafts forensic write-ups for inclusion in reports and other written products.
    • Assists to document and publish Computer Network Defense guidance and reports on incident findings to appropriate constituencies.