Job Description:

DXC Technology (NYSE: DXC) empowers global companies to operate their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private, and hybrid clouds. Many of the world’s largest companies and public sector organizations trust DXC to deliver exceptional service across the Enterprise Technology Stack, driving performance, competitiveness, and customer experience. Discover more about our commitment to excellence for customers and colleagues at DXC.com

We are looking to hire a Digital Forensics Engineer who will provide incident handling and response as well as forensic analysis for cybersecurity investigations involving legal, security, compliance, and cybersecurity service offerings.

This position requires U.S. Person status and the ability to obtain and maintain a security clearance

Essential Functions:

-This engineer will be the on-site forensics lab manager supporting the forensics lab network and environment.

-Responsible for device imaging, evidence handling, litigation and discovery collections and reporting.

-The engineer will investigate possible network and host-based intrusions to find the source and extent of the compromise.

-Analysis of Windows/UNIX/Mac systems to locate and analyze malicious files and systems.

-Reverse engineer malicious software using a disassembler and debugger.

-Perform host forensic and log file analysis.

Essential Knowledge:

-Fundamentals of computer networking (routing, firewalls, VPNs, etc)

-Principals of computer forensics: evidence handling, chain of custody, and incident response.

-Performance of procedural forensic analysis including data gathering, imaging, investigation, report writing and briefing.

-Knowledge of a wide variety of network and security devices and architecture.

-In-depth knowledge of breach detection, containment, eradication, and recovery.

-In-depth knowledge of Windows/UNIX operating systems.

Essential Education:

Bachelor's Degree and 6 + years of relevant Industry experience.

Preferred: BS in a Computer Forensic Discipline or 2 years working in computer Security and 3 years working in a computer forensic / incident response position.

-Work experience in law enforcement or computer investigations is preferred.

Essential Skills:

-Must be able to work alone or with a team in high stress situations.

-Must be able to perform critical problem solving.

-Must be able to perform network investigations in the areas of malware remediation, intrusions, or vulnerability assessments.

Organizational Fit Consideration:

-Limited 24x7 and availability for domestic travel.

-Must have good speaking / presentation skills.

-Must be a self-starter with the ability to work with little or no supervision.

-Must be a U.S. Person with the ability to obtain and maintain a security clearance

Required Skills and Experience:

Lab infrastructure Administration

Setup, configure, and maintain complex security and access management solutions

Setup, configure, and manage forensic network and evidence storage.

Intake, process, and store evidence and maintain chain of custody.

Build, custom servers and systems based on case requirements

Build, configure, and maintain pooled forensic workstations for analysis.

Build, configure, and maintain compromise artifact databases and Intelligence repositories.

Build, configure, and maintain Out of Band networks and communication systems

Litigation and e Discovery On site collections and imaging

Imaging of systems, laptops, desktops, mobile, USB, and network connected devices

Encryption bypass: Checkpoint, Bitlocker, Mc Afee, Symantec

Custodian collections: remote users, Microsoft Compliance Center

Legal Hold application for users, applications, shares, devices, etc

Building search models based on subpoenas, court filings, and attorney requirements

Endpoint Detection and Response

Crowdstrike & Microsoft Defender for Endpoint:

Deployment, Configuration, Tuning, Scripting, Monitoring

Threat Analysis

Advanced Persistent Threat (APT) Groups and Tactics, Techniques and Procedures (TTP’s) Detection and Investigation

Network and Host protocols and services

File systems, Services, Uses, Log analysis

Malware Analysis, Remote access tools, Ransomware

Lateral movement, Data exfiltration

Digital Forensic & Incident Response

Ascertain the evidentiary value of computers, network devices, and other data systems.

Imaging of physical and virtual devices

Imaging and collection cloud systems

Analysis of systems and Proprietary REAPS:

Advanced Persistent Threat (APT) Groups and Tactics, Techniques and Procedures (TTP’s) Detection and Investigation

Network and Host protocols and services

File systems, Services, Uses, Log analysis

Malware Analysis, Remote access tools, Ransomware

Lateral movement, Data exfiltration

Expertise using En Case, FTK Forensic, AXIOM, x-Ways, IDA/Ghidra, Wireshark, Volatility 3, Microsoft Purview/DLP

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

If you are an applicant from the United States, Guam, or Puerto Rico

DXC Technology Company (DXC) is an Equal Opportunity employer. All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, pregnancy, veteran status, genetic information, citizenship status, or any other basis prohibited by law. View postings below .

We participate in E-Verify. In addition to the posters already identified, DXC provides access to prospective employees for the Federal Minimum Wage Poster, Federal Polygraph Protection Act Poster as well as any state or locality specific applicant posters. To access the postings in the link below, select your state to view all applicable federal, state and locality postings. Postings are available in English, and in Spanish, where required. View postings below.

Postings Link

Disability Accommodations

If you are an individual with a disability, a disabled veteran, or a wounded warrior and you are unable or limited in your ability to access or use this site as a result of your disability, you may request a reasonable accommodation by contacting us via email.

Please note: DXC will respond only to requests for accommodations due to a disability.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.