Full Time Job

Forensics Analyst


Sterling, VA 04-12-2021
  • Paid
  • Full Time
  • Senior (5-10 years) Experience
Job Description

As Discovery's portfolio continues to grow - around the world and across platforms - the Global Technology & Operations team is building media technology and IT systems that meet the world-class standard for which Discovery is known. GT&O builds, implements and maintains the business systems and technology that are critical for delivering Discovery's products while articulating the long-term technology strategy that will enable Discovery's growing pay-TV, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.

From Amsterdam to Singapore and from satellite and broadcast operations, we are driving Discovery forward on the leading edge of technology.


1. Basic knowledge of Electronic Discovery and eDiscovery principles

2. Assist with key components of the eDiscovery and Forensics Collection Workflow in partnership with IT and Legal departments

3. Ability to manage assigned digital forensic efforts in support of eDiscovery requests, staff investigations, and enterprise computer security incident response including but not limited to internal and external intellectual property theft, attacks/intrusions, computer abuse, and insider threat investigations

4. Possess skills to collect, process, preserve and analyze data from electronic data sources, including laptop and desktop computers, servers, and mobile devices per company policies and practices

5. Maintain full Chain of Custody and evidence tracking

6. Ability to perform log, memory, and RAW analysis

7. Ability to follow through on leads until all possible avenues in investigating a case have been exhausted

8. Liaise with the Legal department and produce high quality oral and written work product presenting complex technical matters clearly and concisely; organizing all relevant case information in an easy-to-understand format

9. Fundamental proficiency in electronic discovery with the Guidance EnCase platform, industry-standard tools, and practices applying technical and functional skills

10. Keep abreast of current best practices, emerging technologies, and solutions in the context of eDiscovery and Legal Hold

11. Support data security initiatives across both InfoSec Department and Privacy Office

12. Respond to day-to-day requests from Corporate Legal, Information Security Team

13. Monitor and analyze the results, trends, patterns, and events from Security Tools (e.g., Carbon Black, ESET, etc.) in addition to other tools (e.g., Splunk/QRadar) to analyze security events

14. Proactively recognize potential security issues through reviews and analyses

15. Develop and maintain data flow diagrams for new and critical business and IT processes and services

16. Perform periodic discovery scans and work with data owners to identify gaps

17. Evaluate, recommend, and implement security solutions through open-source and commercial tools

18. Coordinate with business and IT teams, as an SME/InfoSec liaison, supporting discovery and DFIR initiatives

19. Recommend, install, manage, and maintain collection agents when deployed and as appropriate

* Bachelor's degree from an accredited university in business or IT security-related discipline
* Strong working knowledge and experience with data security compliance, control design, and processes
* 5+ years of experience in computer system and TCP/IP network forensics
* 5+ years of professional experience, supporting Cybersecurity Operation program(s) using security solutions such as enterprise forensics tools, data discovery technologies, SIEM, EDR, etc.
* Independent tasking and project completion with little supervision is a must
* Excellent analytical and problem-solving skills as well as interpersonal skills to interact with users, team members, and senior management
* Investigates, interprets, and responds to technical and/or complex IT security events
* Subject Matter Expert on the Open Text EnCase platform
* Experience with Unix, Linux, Windows, Mac OS X, iOS, and Android operating systems
* Experience with reading and interpreting PCAP and other network forensic data
* Experience with EnCase, FTK, X-Ways, or Other Computer Forensic Tools
* Demonstrated skill in performing post-incident computer forensics without destruction of critical data
* Ability to act as full-time on-call for escalation of a cybersecurity incident and forensic response
* Experience with all imaging types and methods
* Experience in forensic analysis of compromised systems
* Experience with writing and enforcing policies and procedures regarding chain of custody best practice
* Experience in proper forensic investigation techniques when working with compromised system images or files
* Detailed knowledge of litigation and related discovery processes
* Must have the legal right to work

Preferred Qualifications
* Desirable certifications include GCFE, GCFA, CHFI, CCE, CFC, EnCE, CFCE, CEH, CISSP, CND; an eDiscovery certificate is a plus
* 5+ years of digital forensics analysis or security analysis experience
* 5+ years of eDiscovery support experience
* 1+ years of security experience with cloud security environments
* Working knowledge of digital forensic tools such as EnCase, SIFT Workstation, etc.
* Working knowledge and experience in developing and reporting performance and risk metrics (e.g., KPIs/KRIs, status reporting, and dashboards for senior management)

Jobcode: Reference SBJ-rj22ve-3-236-118-225-42 in your application.

Company Profile

Discovery, Inc. is the global leader in real life entertainment. We serve passionate fans with content that inspires, informs, and entertains, providing leadership across deeply loved and trusted brands, such as Discovery Channel, TLC, Animal Planet, HGTV, Food Network, and Travel Channel.