Domex Technician

In a world of possibilities, pursue one with endless opportunities. Imagine Next!

When it comes to what you want in your career, if you can imagine it, you can do it at Parsons. Imagine a career working with intelligent, diverse people sharing a common quest. Imagine a workplace where you can be yourself. Where you can thrive. Where you can find your next, right now. We've got what you're looking for.

Job Description:

Parsons is looking for an amazingly talented DOMEX Technician to join our team!

What You'll Be Doing:

• CELLEX/ MEDEX Examiners must possess a thorough understanding of the technical fundamentals behind digital forensics as they relate to CELLEX/ MEDEX including: mobile file systems, mobile operating system internals, mobile applications, binary file formats, encryption/encoding/hashing algorithms, Wi-Fi, Bluetooth, nearfield, and cellular communication protocols and artifacts, roots/jailbreaks/vulnerabilities, bootloaders, firmware, the baseband, patches, permissions, and common locations of artifacts of interest.

• Examiners must be able to display unquestionable proficiency with the process of forensic imaging and be able to utilize a variety of tools like Cellebrite UFED4PC, Physical Analyzer, XRY, AXIOM, X-Ways, FTK Imager, Bulk Extractor, and Autopsy.

• Must be familiar with various imaging formats (DD, AFF, RAW, E01, Vendor Proprietary), imaging types (Physical, File System, Logical), hashing algorithms (MD5, SHA, etc.), and hidden disk areas like HPA/DCO.

• Must know what to do when commercial tools fail.

• Must be familiar with the principles of chain-of-custody and the use of Standard Operating Procedures (SOP)s in a reliable and repeatable manner and taking detailed notes that are courtroom ready in the event that it ever becomes necessary.

• Must be proficient in handling various types of hardware devices, cables, chargers and associated removable storage (if applicable).

• Must also be able to identify and assess damaged hardware for escalation to hardware teams without further jeopardizing recovery efforts.

What Required Skills You'll Bring:

• Examiners must possess a thorough understanding of the technical fundamentals behind digital forensics including file systems, operating system internals, binary file formats, encryption/encoding/hashing algorithms, and an understanding of Windows registry analysis (for Windows examinations).

• Examiners must possess a thorough understanding of both iOS and android mobile platforms to include how data is stored and can be parsed.

• Must be proficient in dismantling various types of hardware devices (desktops, laptops, game consoles, mobile devices, drones, and other enclosures or devices) in a non-descriptive manner to access the storage media that must be imaged.

• They must also be able to identify and assess damaged hardware for escalation to hardware teams without further jeopardizing recovery efforts.

• Must be willing and able to assist in the conduct of Sensitive Site Exploitation (SSE), providing the full gamut of aforementioned technical exploitation services anywhere in the world that the customer operates, be medically deployable, and willing to deploy multiple times a year OCONUS to locations that may include hostile fire areas

• 2+ years of technical exploitation experience (or directly related experience). Examples of qualifying experience includes, but is not limited to, conducting digital forensic investigations, providing technical MEDEX/CELLEX/DOMEX/TECHEX services, targeted forensic software development, binary file or application reverse engineering

• Examiners must be able to conduct detailed full-scope forensic examinations without having to rely on any particular tool or set of tools.

Must be proficient in the use of the shell and a hex editor, have a strong understanding of how SQlite databases work, understand the nuances of foreign text/language encoding methods, and be able to craft SQL statements.

• Must be familiar with all core elements of technical exploitation examinations.

• Able to conduct targeted searches for information of immediate operational relevance, Large dataset analysis to include conducting foreign-language keyword searches, Advanced app and internet history analysis, Logical file and related metadata extraction, deduplication, and ranking/pruning, Deleted data recovery (carving), basic binary-level file repair, and sector-level entity extraction, The identification of encrypted files, containers, and volumes, The identification of anti-forensic practices, i.e. steganography, data hiding apps, hidden or protected messing applications, free-space wiping tools, and other generic data hiding tricks.

• Have a general understanding of how mobile malware operates, be able to detect its existence, and extract relevant artifacts for escalation to Reverse Engineering teams.

• Examiners must be able to act as subject matter expert-level technical resources to federated partners, internal customers, and forward-deployed elements. They must provide timely and on-demand remote support to various operational and non-operational elements in order to ensure mission success.

• Examiners must be able to rapidly produce and concisely brief technically proficient triage-level, analyst targeted and deep-dive reporting products, intelligently prioritizing the depth of examination based upon current operationally imposed time constraint.

• Examiners must be able to generate professional technical exploitation reports of interest to the U.S. Government (USG) and their partners, develop device, collection, and cross-collection based reports to meet mission demands.

• Examiners must be willing and able to design, plan, integrate, support, and execute full-spectrum technical exploitation training and exercises.

What Desired Skills You'll Bring:

• Preferably possess at least one active industry or DoD standard forensic certification (i.e. CCME, CCO, CCPA, CMFF, CUFO, XRY Certification, MCFE, EnCE, ACE, CCE, GIAC, CFCE, DC3/DCITA Certified Digital Forensic Examiner).

• Experience conveying highly technical information effectively and concisely to a wide range of audiences via both briefings and technical reports.

• Travel Requirements. Travel is expected in support of this effort. CONUS/OCONUS rotations up to 13-weeks can be expected if called upon by the client up to twice a year.

Minimum Clearance Required to Start:

Secret

This position is part of our Federal Solutions team.

Our Federal Solutions segment delivers resources to our US government customers that ensure the success of missions around the globe. Our diverse, intelligent employees drive the state of the art as they provide services and solutions in the areas of defense, security, intelligence, infrastructure, and environmental. We promote a culture of excellence and close-knit teams that take pride in delivering, protecting, and sustaining our nation's most critical assets, from Earth to cyberspace. Throughout the company, our people are anticipating what's next to deliver the solutions our customers need now.

Salary Range:

$96,400.00 - $168,700.00

We value our employees and want our employees to take care of their overall wellbeing, which is why we offer best-in-class benefits such as medical, dental, vision, paid time off, Employee Stock Ownership Plan (ESOP), 401(k), life insurance, flexible work schedules, and holidays to fit your busy lifestyle!

Parsons is an equal opportunity employer committed to diversity, equity, inclusion, and accessibility in the workplace. Diversity is ingrained in who we are, how we do business, and is one of our company's core values. Parsons equally employs representation at all job levels for minority, female, disabled, protected veteran and LGBTQ+.

We truly invest and care about our employee's wellbeing and provide endless growth opportunities as the sky is the limit, so aim for the stars! Imagine next and join the Parsons quest-APPLY TODAY!