• Subject Matter Expert II - eDiscovery/Forensic Support

    Job Location
    # of Openings
    Security Clearance
    Active Top Secret
    Percentage of Travel Required
    Regular Full-Time
  • Overview

    Implement and manage tools required to perform eDiscovery and forensic services to support investigations on all types of devices (desktops, servers, mobile devices, removal media, Cloud Contractors, etc.).


    • Identify possible threats based on analysis of digital media
    • Provide a gap analysis of current tools and processes required to perform eDiscovery and forensic services and make recommendations on the improvement of the E- Discovery/Forensic program
    • Provide forensic services to support Agency’s investigations and Insider Threat program
    • Examine and perform comprehensive technical analysis of computer-related evidence and information stored on devices during the course of investigations and litigations
    • Conduct forensic collections of digital evidence using best practices and approved software and hardware
    • Analyze digital media (logs, code, phones, hard drives, memory dumps, etc.) to determine attack vectors and develop mitigation techniques
    • Ensure evidence is stored and archived in a manner consistent to maintain preservation and protection of data and evidence
    • Ensure all hardware and software is verified and validated in accordance with established guidelines and the Federal Rules of Evidence
    • Procure, install, and implement at the below specifications related to equipment required to build a completely operational CISO Computer Forensics Laboratory
    • Perform forensic analysis on all common operating system environments, to include, but not limited to, Microsoft Windows, Mac OS, UNIX, Linux, Solaris, as well as embedded systems
    • Perform forensic analysis on VMware virtual machines and AWS/Azure cloud instances
    • Communicate, coordinate, and share information and work closely with NCCIC and other HIRT components


    • Education:
      • Bachelor’s Degree preferred
    • Required Knowledge/Experience:
      • CISSP or CCFP Certification required
      • A combination of 10 years’ experience and education or more of demonstrated experience in eDiscovery
      • Proficiency in the cyber forensics, response, and reverse engineering skills and understanding of the latest exploit methodologies
    • Preferred Knowledge/Experience:
      • Experience with FIOA/eDiscovery software solutions
      • Performing forensic investigations on cloud-based systems (e.g. AWS or Azure)
      • Implementing insider threat programs and measuring their success
      • Familiarity with at least one of the following tools: EnCase, Forensic Toolkit, Autopsy/Sleuthkit

    Other Responsibilities

    • Perform other tasks consistent with the goals and objectives of the department/contract
    • Perform other duties as assigned by Sr Program Executive

    Invest in a company that invests in you! Copper River provides its employees with ample opportunities for career growth and development. Tuition reimbursement is offered to help employees further their education and skillset. Other perks include Open Leave, 401k matching with immediate vesting, Medical, Vision, and Dental coverage.


    EEO/AA Employer Minorities/Females/Vets/Disability


    Disclaimer: The above statements are intended to describe the general nature and level of work performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed