MIT Lincoln Laboratory Cyber Forensics Analyst in Lexington, Massachusetts
The Security Services Department's overall mission is to ensure a safe and secure environment and protect MIT Lincoln Laboratory at all facilities in which staff members perform their mission of research and development. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personally identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.
As a Cyber Forensic Analyst at MIT Lincoln Laboratory, you will play a key role as a member of the Security Services Department’s (SSD) Forensic Analysis Center (FAC). You will provide specialized digital forensic analysis capabilities in support of internal corporate investigations, insider threat investigations, legal requests, eDiscovery requests, and incident response actions.
Conducts computer forensic examinations to include the collection, preservation, processing, and analysis of digital evidence.
Substantiates or disproves investigative allegations through adherence to the highest level of industry standards associated with the forensic examination of digital media, to include preparing documentation, retaining systems and media for examination, previewing media and devices for cursory forensic examinations, performing system acquisitions, and conducting detailed computer and network forensic data analysis.
Investigates suspected or identified violations of Laboratory policies and procedures, government regulations or directives and applicable laws by conducting detailed investigations and cursory staff interviews and completing appropriate investigative reports.
Coordinates with and assists Laboratory counterintelligence personnel pursuant to inquiries.
Conducts forensic inspections, acquisitions and analysis of digital devices and media during perimeter compliance inspections.
Prepares detailed, clear and concise forensic and investigative case reports and articulates findings to Laboratory management.
Performs system and network log analysis by reviewing applicable log files and centralized log reports for specific activity.
Coordinates with system administrators to obtain necessary log files and other system evidence as required.
Familiarity with sound forensic principles, techniques, and processes
Highly motivated and inquisitive, with a demonstrated interest in the fields of cyber defense and cyber research and the ability to research new, highly technical subjects
Bachelor’s degree in Computer Science, Information Technology, Computer Information Systems
A minimum of 3 years of experience conducting computer forensic examinations, malware analysis or incident response; preferably in a DoD environment or related government security program
Familiarity with the operation of and forensic artifacts associated with modern operating systems (Windows, MacOS, Linux)
Core Requirements (cont.)
Technical experience and skills, course work completed towards a degree, and industry IT certifications may be considered substitutes for education and DoD security experience
Ability to conduct research and development (R&D) of computer forensic and intrusion analysis methods and procedures, malware analysis activities, and complete case reports
Excellent written and oral communication skills as well as customer service skills and the ability to distill complex technical subjects into business terms for decision makers
This position may require infrequent local and overnight travel
Experience in briefing technical audiences, senior leadership, and executives
Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Top Secret level DoD security clearance
Basic malware analysis and triage skills (reverse-engineering experience is ideal)
Ability to collect, synthesize and present valuable KPIs for the forensic program
Project management, technical report writing, and intermediate proficiency with MS Office products, including Visio and PowerPoint to express technical concepts
Substantial experience with and knowledge of typical attack vectors, network exploitation techniques, and exfiltration channels
Preferred Competencies (cont.)
Knowledge of cyberthreat intelligence concepts
Experience with SIEM and centralized logging tools
Experience with one or more programming languages (Python or Perl)
Experience with mobile device (iOS/Android) security assessments
Desired industry certifications include EnCE, GCIH, GCFE, GCFA, GNFA, GREM
For Benefits Information, click http://hrweb.mit.edu/benefits
Selected candidate will be subject to a pre-employment background investigation and must be able to obtain and maintain a Secret level DoD security clearance.
MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.