Planned Systems International

Cyber Defense Forensics Analyst

Location US-TX-Panhandle
Posted Date 1 month ago (7/25/2024 12:24 PM)
Job ID 2024-10721

Overview

Advanced Technologies and Laboratories (ATL), a Planned Systems International (PSI) company, is hiring a Cyber Defense Forensics Analyst for a position at the Department of Energy (DOE) Pantex plant, which is a DOE and National Nuclear Security Administration (NNSA) site, in support of the Information Solutions & Services (ISS) and Cybersecurity Program (CSP). This job description reflects the critical role you’ll play in maintaining the network infrastructure at Pantex. If you’re ready to contribute to national security and work in a dynamic environment, we encourage you to apply!

Essential Functions and Job Responsibilities

The Cyber Defense Forensics Analyst will develop unique cyber indicators to maintain constant awareness of the status of the highly dynamic operating environment. The analyst will collect, process, analyze, and disseminate cyber warning assessments.

Your responsibilities will include:

  • Analyzes digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigation.
  • Conducts deep-dive investigations on computer-based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber intrusion incidents.
  • Creates a forensically sound duplicate of the evidence (i.e., forensic image) that ensures the original evidence is not unintentionally modified, to use for data recovery and analysis processes.
  • Decrypts seized data using technical means and provides technical summary of findings in accordance with established reporting procedures.
  • Ensures that chain of custody is followed for all digital media acquired in accordance with the Federal Rules of Evidence.
  • Identifies digital evidence for examination and analysis in such a way as to avoid unintentional alteration.
  • Performs dynamic analysis to boot an "image" of a drive (without necessarily having the original drive) to see the intrusion as the user may have seen it, in a native environment.
  • Performs file signature analysis and performs hash comparison against established database.
  • Performs static media analysis and extracts data using data carving techniques and uses specialized equipment and techniques to catalog, document, extract, collect, package, and preserve digital evidence.
  • Performs static malware analysis and performs Windows registry analysis and collects and analyzes intrusion artifacts (e.g., source code, malware, and system configuration) and uses discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
  • Reviews forensic images and other data sources (e.g., volatile data) for recovery of potentially relevant information.

Minimum Requirements

  • Must have a DOE Q Clearance or be eligible to obtain one.
  • Strong analytical and investigative skills.
  • Proficiency in analyzing digital evidence and investigating computer security incidents.

Level 4: PhD in a technical field with limited experience or Master's degree in a technical field and 2 to 5 years of related experience or Bachelor's degree in a technical field and 5 to 10 years of related experience or Associate's degree in a technical field and 10 to 15 years of related experience. Requires demonstrated in-depth knowledge and skills in a technical specialty.

Level 5: PhD in a technical field and 2 to 5 years of related experience or Master's degree in a technical field and 5 to 10 years of related experience or Bachelor's degree in a technical field and 10 to 15 years of related experience or Associate's degree in a technical field and 15 to 20 years of related experience. Requires demonstrated in-depth knowledge and skills in a technical specialty. Recognized as an expert in their field.

Level 6: PhD in a technical field and 5 or more years of related experience or Master's degree in a technical field and 10 or more years of related experience or Bachelor's degree in a technical field and 15 or more years of related experience or Associate's degree in a technical field and 20 or more years of related experience. Requires demonstrated in-depth knowledge and skills in a technical specialty. This level should be limited to a small population. Recognized as an expert in their field.

Company Benefits

PSI offers full-time, benefits-eligible employees a competitive total compensation package that includes paid leave, and options for employer-sponsored group medical, dental, vision, short-term and long-term disability, life insurance, AD&D coverage, legal services, identity theft, and accident insurance. Flexible spending account and health savings account options offer pre-tax savings for qualified medical, dental, and vision expenses. The company-sponsored 401(k) retirement plan has an employer contribution match that is immediately vested. We invest in the professional growth of our employees through professional courses, certifications, and tuition reimbursement programs.

EEO Commitment

It is company policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits, and termination, are made without regard to race, color, religion, age, sex, sexual orientation, pregnancy, gender identity, genetic information, national origin, citizenship status, veteran status, protected veteran status, disability, or any other characteristic protected by applicable federal, state, or local law.

Reasonable accommodations for applicants and employees with disabilities will be provided. If a reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources by emailing HRDepartment@plan-sys.com, or by dialing 703-575-8400.
