Digital Forensics Examiner

• Examines individual items of evidence received from investigators and/or law enforcement in the most difficult and highly complex cases which may involve a high degree of media attention. Examines individual items of evidence for data recovery, specific material of probative value, evidence of tampering and related examinations.
• Perform comprehensive and authoritative technical analyses of evidence in all types of difficult and complex cases, often creating new techniques of examination. Conduct examination of computer systems and associated digital media utilizing operating system software. Examine physically write protected media to include: partition information, directory listings, deleted file listings, unallocated files space and slack extractions.
• Utilize expert knowledge of IT forensic analysis and the conceptual design of computer systems to perform multi-facetted examinations. Conceptualize the scope of major examinations, and design the flow of the examination for complex combinations of multiple IT systems. Assist the work of associated examiners, maintaining the overall exam plan.
• Prepares and furnishes authoritative oral and written reports to Arixmar and Law Enforcement Organizations, Attorneys, as well as others within the law enforcement community which conveys the opinions and findings of the incumbent as determined through detailed examination conducted.
• Provides necessary court testimony.
• Conducts research related to IT analysis. Studiy information and learn the technology (i.e., particular operating systems, infrastructure and associated systems) necessary to extract the appropriate data for a given investigation. Based on research, recommend new protocols and Standard Operating Procedures (SOPs) for the examination of IT evidence.

Requirements:

• Requires BS in Engineering, Computer Science, or a related field with a minimum 7 years professional IT experience, or an equivalent combination of education and experience.
• CISSP and /or GIAC Certification.
• Mastery knowledge of the forensic analysis of computers and related digital media to perform the most complex examinations, develop policies/protocols including SOPs, and serve as a technical expert.
• Broad knowledge of IT disciplines and how they interrelate. This includes knowledge of the conceptual design of computers systems, computer theory, computer engineering, all operating systems, servers, networks, hardware, software, program languages and the Internet.
• Ability to research and develop an in-depth understanding of systems and programs never before encountered in order to examine unprecedented cases.
• Master the rules of evidence and legal procedures involved in handling all types of evidence.
• Skill in oral and written communications to report results of examination s and provide expert opinion testimony in a complete and accurate manner and to organize and deliver high level briefings on potentially controversial topics.