Advanced Digital Forensics Analyst
Rockville, MD

Job Description

Description

Every day at Perspecta, we enable hundreds of thousands of people to take on our nation's most important work.

We're a company founded on a diverse set of capabilities and skills, bound together by a single promise: we never stop solving our nation's most complex challenges. Our team of engineers, analysts, developers, investigators, integrators and architects work tirelessly to create innovative solutions. We continually push ourselves-to respond, to adapt, to go further. To look ahead to the changing landscape and develop new and innovative ways to serve our customers.

Perspecta works with U.S. government customers in defense, intelligence, civilian, health care, and state and local markets. Our high-caliber employees are rewarded in many ways-not only through competitive salaries and benefits packages, but the opportunity to create a meaningful impact in jobs and on projects that matter.

Perspecta's talented and robust workforce-14,000 strong-stands ready to welcome you to the team. Let's make an impact together.

Perspecta has a need for an Advanced Digital Forensics Analyst in Rockville, MD.

* Monitors security incident response tools, such as ArcSight, SPLUNK, McAfee, etc.


* Monitors security systems, and analyzes potential security incidents to client systems.


* Prepares security incident reporting.


* Coordinates technical incident response and remediation activities with the client.


* Participates in investigations to resolution and tracks solutions.


* Reviews failed Logon Reports.


* Assists in development and implementation of technical security policies related to security incident response.


* Provides security analysis and consultation services for security incident monitoring products.


* Works with the Security Analysts to analyze system events, network traffic, and security system alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms.


* Identifies trends and root causes of declared security incidents and provides lessons learn reporting.


* Ensure security incident response procedures meet FDA security requirements.


* Establish and provides reporting for security incident management to appropriate teams/individuals.


* Performs any other Information Security duties as assigned



Qualifications

* Bachelor's Degree in Computer Science or related field; or equivalent post high school education and/or work related experience.


* 5+ years' experience in IT security incident response


* Experience performing digital forensic analysis using EnCase Endpoint Investigator.


* Experience navigating Splunk, Office 365, and McAfee ePolicy Orchestrator.


* Ability to acquire electronic media (hard drives, mobile devices, flash media, optical discs) in a forensically sound manner using industry standard tools and equipment.


* Ability to extract data and perform forensic analysis of mobile devices using the Cellebrite tools suite.


* Knowledge of IP Network architectures including multi-tier defense in depth strategies.


* Experience working with compliance and regulatory program requirements especially FISMA regulated environments.


* Experience analyzing network, event and security logs, and/or IDS alert logs.


* Preference given to candidates who have experience in several of the following:
* Microsoft Windows Server and Desktop Operating Systems


* Microsoft Active Directory


* Microsoft SQL Server


* Sun Solaris


* VMware ESX


* Oracle Datebase


* Firewall, HIDS/IDS, SIEM


* Web server fundamentals


* Vulnerability Scanning Tools (Retina, Nessus)




* Knowledge of industry best practice security standards related to the above (DISA STIG, NIST, etc,


* Excellent analytical, problem solving and decision making skills, applied with a solution-focused attitude


* Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy



Must be able to gain a Public Trust clearance