Senior Cyber Forensics Subject Matter Expert


TIAG is now hiring a Senior Cyber Forensics SME to join our team supporting a Navy customer at Port Hueneme, CA.

On this program, TIAG provides technical expertise in Cybersecurity to support a newly formed team. The team’s objective is to evaluate systems critical to Navy’s mission and develop a strategy to secure them. The primary function of the team is having a holistic understanding of network architecture, ports and protocols, behavior patterns, computing technologies, operating systems, applications, and electronic devices to identify security anomalies and events.

The Senior Cyber Forensic team member is responsible for the analysis of Information Systems (IS) to detect security incidents and malware. More specifically, Microsoft Windows and Linux based servers and clients and logs they produce. An ideal candidate for this position will have experience with system administration/management, various operating systems, disk and memory forensics, log analysis, malware triage, and a good understanding of network technologies and concepts. The candidate must be familiar with common host-based indicators of compromise and able to investigate the cause.

Compensation: $180,000+ depending on experience and qualifications

Position Responsibilities:
Acquire/collect computer artifacts (e.g., malware, user activity, link files, etc.) from systems in support of onsite engagements
Assess evidentiary value by triaging electronic devices
Correlate forensic findings with network events to further develop an intrusion narrative
When available, collect and document system state information (running processes, network connections, etc.) prior to imaging
Perform incident triage from a forensic perspective to include determining scope, urgency and potential impact
Track and document forensic analysis from initial involvement through final resolution
Collect, process, preserve, analyze and present computer related evidence
Coordinate with others within the Government and with customer personnel to validate/investigate alerts or other preliminary findings
Conduct analysis of forensic images and other available evidence and draft forensic write-ups for inclusion in reports
Assist Blue Team remediate or mitigate vulnerabilities identified for the system
Support Red Team with identifying risks and vulnerabilities in IT/OT environment utilizing cyber security toolkit
Research tools, techniques, and trends in Operational Technology (OT), network, application and operating system vulnerabilities and securing
Help develop and establish process for conducting forensic analyses
Work with the cyber team to conduct vulnerability assessments

Required Experience:
DoD Top Secret Clearance
Graduate degree from accredited university OR Certified Information Systems Security Professional (CISSP)
Highly desire Certified Network Forensics Examiner (CNFE); GIAC Network Forensic Analyst (GNFA); GCFE; Offensive Security Certified Professional (OSCP); or GIAC Penetration Tester (GPEN)
Proficiency with Redline, KAPE, Encase, Autopsy, Yara, Plaso/Log2Timeline, Volatility (memory), Endgame, FireEye Helix, Tanium, Carbon Black, StentinelOne, GRR, Splunk, Elastic Stack, CFF Explorer, IDA, Binary Ninja, or similar network analysis tools
Minimum 5 years of relevant experience
Ability to create forensically sound duplicates of evidence (forensic images)
Able to write cyber investigative reports documenting digital forensics findings
Experience with the analysis and characterization of cyber attacks
Experience with proper evidence handing procedures and chain of custody protocols
Skilled in identifying different classes of attacks and attack stages
Knowledge of system and application security threats and vulnerabilities
Knowledgeable in proactive analysis of systems and networks, to include creating trust levels of critical resources
Demonstrated experience in recognizing types of cyber vulnerabilities and associated attacks and performing damage assessments
Knowledge of incident categories, incident responses, and timelines for responses
Working knowledge of network ports and protocols and operating systems (Windows, Linux)
Experience with ICS/SCADA protocols and applications is highly desired
Effective written and verbal communications skills

TIAG is an equal opportunity and affirmative action employer that does not discriminate on the basis of race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. TIAG’s policy applies to all terms and conditions of employment. To achieve our goal of equal opportunity, TIAG maintains an affirmative action plan through which it makes good faith efforts to recruit, hire, and advance in employment qualified minorities, women, individuals with disabilities, and protected veterans.

Job Overview
  • Region
  • Categories

  • Receive job alerts:
    Your subscription could not be saved. Please try again.
    Your subscription has been successful.

    By subscribing below, you acknowledge that your email address will be transferred to Sendinblue for processing in accordance with their terms of use

Receive job alerts:

Your subscription could not be saved. Please try again.
Your subscription has been successful.

We use Sendinblue as our marketing platform. By Clicking below to submit this form, you acknowledge that the information you provided will be transferred to Sendinblue for processing in accordance with their terms of use