Jacobs Jobs

Job Information

Jacobs SME - Mac Forensics REMOTE in HANOVER, Maryland

Your Impact:

Jacobs is seeking a SME – Mac Forensics to support our team in Hanover, Maryland – remote/hybrid work is possible. This is a temporary assignment scheduled to last 9 months.


Jacobs is seeking a Subject Matter Expert in Hanover, Md. Must possess in-depth knowledge of computer science principles, specifically those listed below. \


  • Provide technical knowledge and analysis of highly specialized applications and operational environments, high-level functional systems analysis, design, integration, documentation and implementation advice on exceptionally complex problems that need extensive knowledge of the subject matter for effective implementation

  • Provide highly technical and specialized recommendations concerning automated solutions to complex information processing problems

  • Perform analyses and studies

  • Prepare reports and gives presentations

  • Participate in medium to large, complex information and system security projects, and major phases of very large projects

#dvstis #divergent

Here’s What You’ll Need:

Here's What You’ll Need:

  • Expertise in digital forensics tools for Mac OS and iOS: Familiarity with tools like Autopsy, The Sleuth Kit, etc.

  • Network Forensics: Ability to investigate network traffic, logs, and understand network protocols

  • Understanding of Mac specific artifacts and evidence locations

  • Deep knowledge regarding Mac specific security features such as FileVault and Gatekeeper.

  • Memory Forensics: Skills in analyzing RAM dumps and understanding active processes during an incident

  • Malware Analysis: Ability to reverse engineer malware to understand its origin, functionality, and impact

  • Scripting and Programming: Proficiency in languages like Python, PowerShell, or Bash for automation and analysis tasks

  • File System Analysis: Deep understanding of Apple File System (APFS) as well as NTFS, FAT, HFS+, etc.

  • Incident Response Procedures: Familiarity with common procedures and frameworks

  • Strong Communication: Effective written and verbal communication skills to report findings and collaborate with law enforcement agencies

  • Critical Thinking: Ability to think critically and creatively to solve complex problems and identify trends on the dark web

  • Expertise in OS platforms: Windows, Linux, and macOS

  • Incident Response Procedures: Familiarity with common procedures and frameworks.

  • Must be able to work a 40-hour workweek, normally Monday through Friday.However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.

  • U.S. citizenship required

Desired Skills:

  • Law Enforcement Background

  • Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA).

  • Academic/training industry experience

  • Familiarity with DOD terminology