POSITIONS CONTINGENT ON CONTRACT AWARD

KBR is actively seeking skilled professionals across a variety of high-impact cybersecurity roles—from Incident Response and Cyber Hunt to Digital Forensics, Insider Threat, Continuous Monitoring, and Red/Blue Team Operations.

DIGITAL FORENSIC EXAMINER

Job Description:
The Digital Forensic Examiner is responsible for conducting forensic investigations, analyzing compromised systems, and preserving digital evidence to support cybersecurity operations and incident response. This role will leverage forensic methodologies, tools, and investigative techniques to uncover cyber threats, provide actionable intelligence, and support legal and compliance efforts in accordance with DoD and NIWC CSSP policies.

Key Responsibilities:

• Conduct forensic investigations on compromised systems, removable media, and storage devices using government-approved forensic toolsets.
• Analyze network traffic, system logs, and endpoint data to identify Indicators of Compromise (IoCs) and attack methodologies.
• Collect and preserve digital evidence in accordance with DoD forensic procedures and NIWC CSSP’s 5I forensic methodology to maintain chain of custody.
• Utilize forensic tools such as EnCase, FTK, X-Ways, Volatility, Autopsy, Magnet Axiom, or Cellebrite to extract and analyze digital artifacts.
• Perform memory, disk, and file system analysis to identify malware infections, unauthorized access, and system manipulations.
• Investigate insider threats, policy violations, and external cyberattacks to support legal and compliance actions.
• Recover deleted, encrypted, or corrupted data to extract forensic artifacts for intelligence reporting.
• Generate detailed forensic reports summarizing findings, methodologies used, and recommendations for mitigation.
• Support litigation and legal teams by preparing forensic reports for eDiscovery, court proceedings, and compliance audits.
• Assist in incident response activities by providing forensic analysis of cyber incidents, data breaches, and insider threats.
• Participate in Red/Blue team exercises by conducting forensic analysis of attack scenarios and detection effectiveness.
• Develop and maintain forensic SOPs, policies, and guidelines in alignment with DoD forensic frameworks.
• Stay updated on emerging digital forensic techniques, tools, and methodologies to improve forensic investigation capabilities.
• Provide forensic training and mentorship to junior analysts and cybersecurity teams.

• Conduct forensic investigations on compromised systems, removable media, and storage devices using government-approved forensic toolsets.
• Analyze network traffic, system logs, and endpoint data to identify Indicators of Compromise (IoCs) and attack methodologies.
• Collect and preserve digital evidence in accordance with DoD forensic procedures and NIWC CSSP’s 5I forensic methodology to maintain chain of custody.
• Utilize forensic tools such as EnCase, FTK, X-Ways, Volatility, Autopsy, Magnet Axiom, or Cellebrite to extract and analyze digital artifacts.
• Perform memory, disk, and file system analysis to identify malware infections, unauthorized access, and system manipulations.
• Investigate insider threats, policy violations, and external cyberattacks to support legal and compliance actions.
• Recover deleted, encrypted, or corrupted data to extract forensic artifacts for intelligence reporting.
• Generate detailed forensic reports summarizing findings, methodologies used, and recommendations for mitigation.
• Support litigation and legal teams by preparing forensic reports for eDiscovery, court proceedings, and compliance audits.
• Assist in incident response activities by providing forensic analysis of cyber incidents, data breaches, and insider threats.
• Participate in Red/Blue team exercises by conducting forensic analysis of attack scenarios and detection effectiveness.
• Develop and maintain forensic SOPs, policies, and guidelines in alignment with DoD forensic frameworks.
• Stay updated on emerging digital forensic techniques, tools, and methodologies to improve forensic investigation capabilities.
• Provide forensic training and mentorship to junior analysts and cybersecurity teams