BT-96 – Cyber Security Analyst
Skill Level: Expert
Location: Chantilly (fully on-site, no remote option)
 

**MUST HAVE A POLY CLEARANCE TO APPLY**

• Demonstrated experience performing hands-on forensic review of devices to include laptops and mobile devices, using open source or commercial forensic tools, such as EnCase, FTK, X-Ways, Magnet IEF, or BlackLight.
• Demonstrated experience handling and imaging various types of evidence from Solid State Drives (SSD), Hard Disk Drives (HDD), Thumb Drives, Volatile Memory, or Compact Disks.
• Demonstrated experience with data extraction and analysis from various data sources including files, logs, directories, unallocated space, raw images, and custom databases.
• Demonstrated experience parsing data types necessary to extract metadata and content of forensic value from various data sources.
• Demonstrated experience and in depth understanding of multiple operating systems such as Windows, Linux, iOS, and Android.
• Demonstrated experience performing hands-on forensic review or reverse engineering of modern mobile devices such as Google Android or Apple iOS.
• Demonstrated experience working with virtualization software and virtualized environments to include ESXi, VMWare, or VirtualBox.
• Demonstrated experience conducting analysis of identified malicious software or code using both static and dynamic malware analysis.
• Demonstrated experience using debuggers and disassemblers such as OllyDbg, WinDbg, IDA Pro, or Binary Ninja.
• Demonstrated experience understanding system kernel level processing to detect and report on significant kernel events such as root kits, hooked functions, call tables, and data structures.

• Demonstrated experience using programming skills using scripting languages such as Perl, Python, or Bash.
• Demonstrated experience with enterprise and operational activities, capabilities, technical development programs.
• Demonstrated experience with information cyber security policies and regulations.