Logo
MITRE

Digital Forensics Engineer and All-Source Intelligence Analyst

MITRE, Mc Lean, Virginia, us, 22107


Digital Forensics Engineer and All-Source Intelligence Analyst

Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us. MITRE is seeking a Digital Forensics and Intelligence Analyst to support our counterintelligence mission within the National Intelligence Program. The position involves collaboration across the U.S. government and requires analytical experience and an understanding of digital forensics practices and skills to join our dynamic team. This role is crucial in supporting our mission to deliver exceptional forensic analysis and investigative services, and to provide all-source analysis for finished and operational intelligence production, particularly focusing on counterterrorism operations. Roles & Responsibilities: Conduct digital forensics investigations, using a variety of forensic tools and processes to achieve mission objectives. Identify terrorism threats through identity analysis and threat network development. Draft written detailed reports based on investigative and intelligence findings, producing action officer level finished intelligence and operational reporting by working closely with forensic investigators and interagency partners. Provide analytic and technical inputs to regional/functional strategies and implementation plans to unify USG efforts for measurable impact on the counterterrorism mission. Coordinate with and support sponsor and IC and law enforcement (LE) partners. Identify and provide solutions to issues within assigned work areas; develop creative intelligence and analytic methodologies, workflows, and processes for a heavily forensic and big-data focused group. Innovate by creating prototypes and improvements grounded in research. Develop and implement standard operating procedures and best practices for sponsor. Be comfortable with frequent customer contact, and demonstrate knowledge of customer’s operations/business, and processes. Manage small deliverables or components of larger projects for customers. Mentor junior staff by transferring knowledge and skills. Maintain frequent customer contact and demonstrate an understanding of their operations and business needs. Basic Qualifications: Minimum of two years of related experience with a bachelor’s degree in digital forensics, Computer Engineering, Computer Science, Intelligence studies, or a related field(s); or 3 years with a master’s degree; or a PhD with relevant experience; or an equivalent combination of education, work experience, and technical certifications from industry recognized institutions (SANS, CompTIA, EEE, ISFCE, GIAC, EnCE, ISC2, ECC, DC3, Cellebrite). Proficiency with current industry tools and techniques used by digital forensic examiners and/or analysts. Familiarity with forensic triage concepts and implementation. Excellent verbal and written communication skills, note taking, and confidence in oral briefing/presentations with senior staff members. Ability to communicate complex technical concepts to non-technical colleagues. Familiarity with operational digital forensics concepts and investigative objectives. General technical proficiency and familiarity with the Microsoft Office Suite, including Outlook, Excel, and Word. Minimum of three years of related experience working in the IC as an all-source analyst, targeting officer, technical targeter, digital forensic examiner, or similar position. Familiarity with threat network development, drafting finished intelligence and/or operational reporting. IC or LE experience with an understanding of the various information domains used within and the various intelligence and operational reports created throughout. Understanding of IC analytical tradecraft (ICD 203) and all-source intelligence fusion. This position has an on-site requirement of 5 days a week on-site. Preferred Qualifications: Five+ years of related experience with a bachelor’s degree in digital forensics, computer engineering, computer science, software engineering, Intelligence Studies, or a related field(s); or 3 years with a master’s degree; or a PhD with relevant experience; or an equivalent combination of education, work experience, and technical certifications from industry recognized institutions (SANS, CompTIA, EEE, ISFCE, GIAC, EnCE, ISC2, ECC, DC3, Cellebrite). Experience working with the Intelligence Community (IC), Department of Defense (DoD) and/or Law Enforcement (LE) partners. Experience with common programming languages and scripting tools (e.g., Java, Objective-C, Swift, Python, C, C++, Go). Familiar/Experience with mobile device forensic examinations and investigations. Proficiency in prototyping using Python and establishing a development environment. Familiarity with database systems such as MySQL, Postgres, and SQLite. Experience reverse engineering and using related software/tools. Willingness to independently learn new technologies, tools, languages to broaden your skills. Familiarity with environments/sponsors operating in the offensive domain. Strong knowledge of ARM platforms such as Android and/or iOS. Familiarity with Android internals, Linux kernel, and/or iOS internals. Strong familiarity with Linux operating systems. Experience working with collected exploited material (CEM) and/or DOMEX-derived data and information. Ability to communicate complex intelligence reporting, analytic problem sets, and concepts to technical colleagues. Experience with operational targeting tools, workflows, and governing policies and authorities. Familiarity with policies and authorities governing US intelligence activities. Ability to transfer basic knowledge and skills to junior staff and technical colleagues. This requisition requires the candidate to have a minimum of the following clearance(s):

Top Secret/SCI/Polygraph This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):

Top Secret/SCI/Polygraph Work Location Type:

Onsite

#J-18808-Ljbffr