Leidos is seeking qualified candidates for a Security IT/Forensic Investigator in St. Louis Mo. An ACTIVE TS/SCI level clearance and willingness to obtain a Polygraph are HARD requirements to be considered.
Qualified candidates will be able to investigate suspected instances of waste, fraud and abuse; data spills; and computer security incidents within the customer's enterprise. The investigator uses a variety of digital forensics and intrusion detection tools to conduct forensic examination activities including assisting in the analysis of network, computer and other devices which may contain digital evidence. The selected candidate provides computer security incident and policy violation response support and cyber security awareness and training, and will participate in technical meetings and working groups to address issues related to computer security, protection against malware, and other vulnerabilities. The selected candidate will also investigate alerts identified by various security appliances and review audit logs to determine if an incident has occurred. The candidate will use best practices to document and preserve digital evidence for legal proceedings.
- ACTIVE TS/SCI clearance and agree to undergo Polygraph examination to be considered for this position
- Minimum 7 - 10 years of technical experience working in a client/server environment
- Knowledge in the proper use of computer forensics and security compliance tools, and experience conducting network and host based incident investigations
- Experience with Guidance Software toolsets to include EnCase Forensics and EnCase Enterprise, and have demonstrated understanding of client/server architecture, TCP/IP protocols
- Knowledge of modern Windows Server platforms and desktop operating systems, as well as general understanding of respective file system internals
- Experience finding, retrieving, analyzing, preserving, and maintaining digital information from computers and network equipment
- Experience maintaining "chain of custody" by following standard rules of digital evidence
- In-depth working knowledge in DOD and IC intelligence regulations, be familiar with intelligence oversight principles, must possess superior writing and briefing skills, and be capable of providing polished analysis documentation
- BA/BS in Engineering, Computer Science or related science field preferred. A minimum of 7 years' experience in computer science, software engineering, information security fundamentals or general IT.
- Distinguished candidates will also have experience with identifying and qualifying malicious software and code, employment of reverse engineering tools (e.g., IDA Pro, OllyDbg, and other similar toolsets), analyzing UNIX/Linux operating systems, and software development experience using modern programming and scripting languages
- Practical experience with memory forensics is a plus. Experience with ArcSight, Microsoft SQL server, and BindView would also be beneficial
- Prior experience with security incident response methodologies and technologies is desired. Experience authoring and executing plans and programs at the headquarters or agency level is beneficial
"External Referral Eligible"