Sr. Principal Digital Forensic Analyst/Subject Matter Expert

General Dynamics Information Technology

Assembles and coordinates with customer technical teams and third-parties to resolve incidents as quickly and efficiently as possible

Ensures adequate and timely receipt, tracking, and response to eDiscovery and computer forensic requests to meet audit, compliance and legal requirements

Conducts forensic examinations of electronic evidence, including computer-related equipment, and mobile devices

Prepares written reports of forensic examination findings and briefs senior leadership

Uses forensic software applications to analyze electronic media

Physically disassembles and reassembles computers and related hardware

Monitors the collection, documentation, transportation, labeling, and security of evidence during forensic processing

Performs a variety of highly technical analyses and procedures dealing with the collection, processing, preservation, analysis, and presentation of computer-related evidence, and is responsible for disseminating and reporting cyber-related activities.

Preserves and analyzes data from electronic data sources, including laptop and desktop computers, servers, and mobile devices.

Supervises the investigations of network intrusions to determine the cause and extent of the breach.

Preserves, harvests, and processes electronic data according to the DHS’s policies and practices.

Utilizes forensic tools and investigative methods to find electronic data, including Internet use history, word processing documents, images and other files.

If requested, assists law enforcement officers in solving cybercrimes or finding electronic evidence of other kinds of crime.

This position could be deployed in the field on-site at a DHS customer to support/perform incident response or cyber hunt activities if the need arises.

Additional Requirements:

This position could possibly be designated as critical to agency operations and may be required to be deployed as part of an Emergency Relocation Group (ERG) in conjunction with COOP deployment or emergency activation team.

Active Top Secret Security Clearance with SCI eligibility is required. In addition, must be able to obtain and maintain a favorably adjudicated DHS background investigation for continued employment.

Certifications: One or more of the following certifications: GCFE, GCFA, GREM, EnCase, SANS Institute Forensic Toolkit (SIFT) or FTK vendor certifications and product experience.

CISM is preferred.


Bachelor's degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.


10-15 years of related experience in data security administration.

More Information


Mid-level industry position


Fairfield, United States

