Senior Forensic Analyst

Cask is a leading Management Consulting firm specializing in delivering business and technical expertise to clients across commercial and government markets. Join the many happy employees at Cask! We have been named a top 5 firm to work for by Consulting Magazine for 5 of the past 6 years.
Cask is seeking a Sr. Forensic Analyst to support the Marine Corps Cyberspace Operations Group (MCCOG). As a Cyber Forensic Analyst, you will play a crucial role in investigating cyber incidents, collecting, and analyzing digital evidence, and providing expert insights to enhance the security posture.

Responsibilities

• Conduct investigations of cyber incidents, cybercrimes, and data breaches to collect digital evidence from various sources, such as computers, servers, and network logs.
• Analyze digital evidence using advanced forensic tools and methodologies to uncover patterns, identify attack vectors, and establish timelines of events related to cyber incidents.
• Collaborate with incident response teams to identify and mitigate ongoing security breaches, providing crucial insights into the tactics, techniques, and procedures used by threat actors.
• Prepare detailed reports documenting findings, analysis, and recommendations.
• Stay up to date with the latest cyber threats, forensic methodologies, and industry best practices.
• Contribute to the development of new forensic tools and techniques to enhance investigation capabilities.
• Work closely with internal security teams, and external partners to ensure information sharing and resolution of cyber incidents.
• Assist in the development and implementation of cybersecurity policies and procedures, ensuring alignment with industry standards and regulations.

Requirements

•   Required Security Clearance: Active Top Secret with SCI eligibility. 
• Bachelor’s degree in Computer Science or Five (5) years of demonstrated experience in performing various assessments (penetrations tests of systems and networks within a DOD Network Environment of the enclave).
• Five (5) years of demonstrated experience in performing media forensics.
• Experience with forensic tools, such as EnCase, FTK, X-Ways, Autopsy, Volatility, and open-source alternatives.
• Experience handling national state-level intrusions.
• Possess DoDD 8570 IAT Level III certification.
• Possess DoDD 8570 CSSP Auditor certification.
• Possess or the ability to obtain GIAC Certified Forensic Analyst (GCFA) or equivalent industry certification within 180 days of start.

Cask is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, among other things, or status a qualified individual with a disability.  EEO/Employer/Vet/Disabled