Jacobs SME - Mac Forensics REMOTE in HANOVER, Maryland
Jacobs is seeking a SME – Mac Forensics to support our team in Hanover, Maryland – remote/hybrid work is possible. This is a temporary assignment scheduled to last 9 months.
Jacobs is seeking a Subject Matter Expert in Hanover, Md. Must possess in-depth knowledge of computer science principles, specifically those listed below.
Provide technical knowledge and analysis of highly specialized applications and operational environments, high-level functional systems analysis, design, integration, documentation and implementation advice on exceptionally complex problems that need extensive knowledge of the subject matter for effective implementation
Provide highly technical and specialized recommendations concerning automated solutions to complex information processing problems
Perform analyses and studies
Prepare reports and give presentations
Participate in medium to large, complex information and system security projects, and major phases of very large projects
Here’s What You’ll Need:
Expertise in digital forensics tools for Mac OS and iOS: Familiarity with tools like Autopsy, The Sleuth Kit, etc.
Network Forensics: Ability to investigate network traffic, logs, and understand network protocols
Understanding of Mac-specific artifacts and evidence locations
Deep knowledge of Mac-specific security features such as FileVault and Gatekeeper
Memory Forensics: Skills in analyzing RAM dumps and understanding active processes during an incident
Malware Analysis: Ability to reverse engineer malware to understand its origin, functionality, and impact
Scripting and Programming: Proficiency in languages like Python, PowerShell, or Bash for automation and analysis tasks
File System Analysis: Deep understanding of Apple File System (APFS) as well as NTFS, FAT, HFS+, etc.
Incident Response Procedures: Familiarity with common procedures and frameworks
Strong Communication: Effective written and verbal communication skills to report findings and collaborate with law enforcement agencies
Critical Thinking: Ability to think critically and creatively to solve complex problems and identify trends on the dark web
Expertise in OS platforms: Windows, Linux, and macOS
Must be able to work a 40-hour workweek, normally Monday through Friday. However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and to meet last-minute requests for overtime should the situation occur.
U.S. citizenship required
Law Enforcement Background
Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA).
Academic/training industry experience
Familiarity with DOD terminology