Job Description

Duties and Requirements Click to read more

Duties

The Digital Forensic Scientist will:

• Provide technical field support and assist with search warrants and the seizure/preservation of physical and digital evidence.
• Conduct forensic analyses and produce laboratory reports for judicial proceedings.
• Be prepared to testify as an expert witness when necessary.
• Recover or download web-based digital data, including websites used in financial fraud.
• Support the Litigation Support Section by coordinating data access for trial preparation.

Requirements

Knowledge, Skills and Abilities / Competencies

Management Preferences:

• Expertise in the use of digital forensics tools, hardware, and software for acquiring, analyzing, and preserving digital evidence over the course of an investigation.
• Working knowledge of current digital forensic best practices, ISO/IEC 17025 standards, and general day to day laboratory operations.
• General knowledge of Internet infrastructure and web-based technologies.
• Proficient in identifying and analyzing multiple filetypes and signatures including but not limited to SQLite, video, web-related, text, graphics, and audio.
• Knowledge of chain-of-custody procedures, evidence processing, preservation, and storage technologies.
• Strong communication skills for technical reporting, laboratory documentation, court testimony, and training.
• Ability to collaborate and support investigators, other agency staff, attorneys, and court personnel with case preparation and related matters.
• Experience supporting internal quality audits, management reviews and various inventories.

Certification and Credential Preferences

• Vendor-neutral certification (IACIS - CFCE preferred).
• Accreditation experience with ANAB and ISO/IEC 17025:2017 standards preferred.
• One or more vendor software certifications: EnCE, MCFE, CFME, CCPA, CCME (with/without Inseyets).
• Additional desirable credentials: CAWFE (IACIS), CMDE, CCE, ISFCE membership.

Note: If not already certified, the selected candidate must obtain certifications consistent with agency preferences and accreditation standards within 18 months of eligibility.

Additional Management Preferences
Experience with:

• Industry standard forensic tools (EnCase, Cellebrite, Magnet (Process/Axiom/Graykey), FTK, BlackLight, WinHex, etc.).
• Mac/Windows storage filesystems; mobile device technologies such as iOS, Android.
• Encryption and related technologies (BitLocker, SecureBoot, TPM).
• Forensic acquisition from varied devices and platforms (cloud/on-prem servers, email, social media).
• ISO/IEC 17025:2017 laboratory accreditation processes including annual assessments.
• State and federal rules of evidence chain of custody compliance.
• Website/SharePoint administration.
• Hashing methods, large dataset transfers, and Bates numbering.

Minimum Education and Experience Requirements
Some state job postings say you can qualify by an ‘equivalent combination of education and experience.’ If that language appears below, then you may qualify through EITHER years of education OR years of directly related experience, OR a combination of both. See the Education and Experience Equivalency Guide for details.

• Bachelor's degree with a major in computer science, digital forensics, networking, information technology, cyber technology, criminal justice; or forensic science or multi-media studies with coursework in computer science or information technology; or biology, chemistry, physics, biochemistry and other science degrees (if degree includes significant coursework in computer science or information technology); or closely related curriculum from an appropriately accredited institution including coursework in science;
• -AND- two years of experience performing bench level analysis in digital evidence;
• -OR- an equivalent combination of education and experience.

Necessary Special Requirement (Digital):
Must obtain individual certification consistent with international and ISO standards within eighteen months of the date the analyst becomes eligible to seek certification according to the standards of the certifying entity. Such vendor-neutral certifications may include:

• Certified Computer Forensic Examiner (CFCE) – International Association of Computer Investigative Specialists,
• Certified Computer Examiner (CCE) – International Society of Forensic Computer Examiners
• Digital Forensics Certified Practitioner (DFCP) – Digital Forensics Certification Board (requires a minimum 5 years of verified experience prior to sitting for the exam),
• Global Information Assurance Certification Forensic Examiner (GCFE) – SANS Institute, Certified Video Technician (CFVT) – Law Enforcement & Emergency Service Video Association (requires a minimum of 3 years of verified experience prior to sitting for the exam),
• Certified Forensic Video Examiner (CFVE) – International Association for Identification (requires a minimum of 3-5 years of verified experience depending on applicant’s education level)

Do you have the Education Required? See available on-line and campus-based degree programs now!

Job Tags

Similar Jobs