Host Forensics Analyst

The DHS’s Hunt and Incident Response Team (HIRT) secures the Nation’s cyber and communications infrastructure.

HIRT provides DHS’s front line response for cyber incidents and proactively hunting for malicious cyber activity.

BCMC performs HIRT investigations to develop a preliminary diagnosis of the severity of breaches.

BCMC provides HIRT remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities.

Contract personnel provide front line response for digital forensics / incident response (DFIR) and proactively hunting for malicious cyber activity.

BCMC is seeking Host Forensics Analysts to support this critical customer mission.

Responsibilities :

• Assists with leading and coordinating forensic teams in preliminary investigations - Plans, coordinates and directs the inventory, examination and comprehensive technical analysis of computer related evidence - Distills analytic findings into executive summaries and in-depth technical reports - Serves as technical forensics liaison to stakeholders and explains investigation details to include forensic methodologies and protocols Tracks and documents on-site incident response activities and provides updates to leadership throughout the engagement - Evaluates, extracts and analyzes suspected malicious code - Acquire / collect computer artifacts (e.g., malware, user activity, link files) in support of onsite engagements - Triage electronic devices and assess evidentiary value - Correlate forensic findings to network events in support of developing an intrusion narrative - Collect and document system state information (e.g. running processes, network connections) prior to imaging, as required - Perform forensic triage of an incident to include determining scope, urgency and potential impact - Track and document forensic analysis from initial participation through resolution - Collect, process, preserve, analyze and present computer related evidence - Conduct analysis of forensic images, and available evidence in support of forensic write-ups for inclusion in reports and written products - Assist to document and publishing Computer Network Defense (CND) guidance and reports pertaining to incident findings Required Skills / Clearances : - U.S.

Citizenship - Active TS / SCI clearance - Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability -5+ years of direct relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools - Ability to create forensically sound duplicates of evidence (forensic images) - Ability to author cyber investigative reports documenting digital forensics findings - Proficiency with analysis and characterization of cyber attacks - Proficiency with proper evidence handing procedures and chain of custody protocols - Skilled in identifying different classes of attacks and attack stages - Understanding of system and application security threats and vulnerabilities - Understanding of proactive analysis of systems and networks, to include creating trust levels of critical resources - Able to work collaboratively across physical locations - Proficiency with common operating systems (e,g, Linux / Unix, Windows) Desired Skills :

Required Education :

Desired Certifications :

We are ISO 9001 :