Cyber Forensic Analyst
This position is eligible for a sign-on bonus.
AbleVets, LLC is a fast-growing Service Disabled Veteran Owned Small Business (SDVOSB) providing healthcare information technology services and resources to help the Veterans Affairs (VA) and Department of Defense (DoD) improve the lives of the people they serve. AbleVets has an opportunity for an experienced, motivated Cyber Forensic Analyst to support our VA customer. The Cyber Forensic Analyst will be responsible for providing security analysis and recommendations to VA on cyber intrusions, malware incidents and cybersecurity related investigations. The position is located on-site at the customer’s facility.
The successful candidate must be knowledgeable in acquiring and analyzing forensic data and evidence, data preservation and chain of custody. Duties and responsibilities may include, but are not limited to:
- Utilize EnCase and third-party forensic tools to perform computer forensic services in support of designated cybersecurity investigations and documentation
- Conduct forensic evidence collection and maintain chain of custody for all digital evidence in accordance with NIST, VA and OMB standards
- Execute existing forensic processes and procedures and provide improvement recommendations
- Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks
- Utilize security tools to include Splunk, McAfee ePO and SIEM to correlate and analyze network sensor data with host forensics
- Produce technical analysis reports, including root cause analysis, summarizing analyzed hosts and/or artifacts discovered during incident investigation and research, forensic evidence collected, proof of chain of custody adherence, etc.
- Maintain and provide operational support for deployment of EnCase Enterprise, and administration and management of components for VA computer forensics laboratories
- Bachelor’s degree required, and at least 6 years IT experience and minimum four years advanced Cyber Threat Information experience. Four years of relevant experience may be substituted with professional certification (e.g., CISSP, GREM or GCIH)
- Certification (or ability to obtain certification within 120 days at the company's expense)
- Must be able to obtain the EnCase Certified Examiner (EnCE) Certification within 120 days of hire
- In depth understanding of NIST SP 800-61, US CERT and Office of Management and Budget (OMB) standards
- Knowledge of Windows/Linux file systems, files, applications, metadata, and logs
- Outstanding written skills for preparing reports and briefings
- Excellent analytical and problem solving skills
- Must have the ability to obtain and maintain a U.S. government Public Trust security clearance which will require successful completion of a background check and fingerprinting.
AbleVets LLC appreciates your interest in our company as a place of employment. We are proud to be an equal opportunity/affirmative action employer and are committed to hiring and retaining a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability, veteran status, or any other protected class. AbleVets is a VEVRAA Federal Contractor.