Digital Forensics Engineer (Hybrid Plano TX)

Job Description:

DXC Technology (NYSE: DXC) empowers global companies to operate their mission-critical systems and operations while modernizing IT optimizing data architectures and ensuring security and scalability across public private and hybrid clouds. Many of the worlds largest companies and public sector organizations trust DXC to deliver exceptional service across the Enterprise Technology Stack driving performance competitiveness and customer experience. Discover more about our commitment to excellence for customers and colleagues at

We are looking to hire a Digital Forensics Engineer who will provide incident handling and response as well as forensic analysis for cybersecurity investigations involving legal security compliance and cybersecurity service offerings.

This position requires U.S. Person status and the ability to obtain and maintain a security clearance

Essential Functions:

-This engineer will be the on-site forensics lab manager supporting the forensics lab network and environment.

-Responsible for device imaging evidence handling litigation and discovery collections and reporting.

-The engineer will investigate possible network and host-based intrusions to find the source and extent of the compromise.

-Analysis of Windows/UNIX/Mac systems to locate and analyze malicious files and systems.

-Reverse engineer malicious software using a disassembler and debugger.

-Perform host forensic and log file analysis.

Essential Knowledge:

-Fundamentals of computer networking (routing firewalls VPNs etc)

-Principals of computer forensics: evidence handling chain of custody and incident response.

-Performance of procedural forensic analysis including data gathering imaging investigation report writing and briefing.

-Knowledge of a wide variety of network and security devices and architecture.

-In-depth knowledge of breach detection containment eradication and recovery.

-In-depth knowledge of Windows/UNIX operating systems.

Essential Education:

-BS in a Computer Forensic Discipline or 2 years working in computer Security and 3 years working in a computer forensic / incident response position.

-Work experience in law enforcement or computer investigations is preferred.

Essential Skills:

-Must be able to work alone or with a team in high stress situations.

-Must be able to perform critical problem solving.

-Must be able to perform network investigations in the areas of malware remediation intrusions or vulnerability assessments.

Organizational Fit Consideration:

-Limited 24x7 and availability for domestic travel.

-Must have good speaking / presentation skills.

-Must be a self-starter with the ability to work with little or no supervision.

-Must be a U.S. Person with the ability to obtain and maintain a security clearance

Required Skills and Experience:

Lab infrastructure Administration

Setup configure and maintain complex security and access management solutions

Setup configure and manage forensic network and evidence storage.

Intake process and store evidence and maintain chain of custody.

Build custom servers and systems based on case requirements

Build configure and maintain pooled forensic workstations for analysis.

Build configure and maintain compromise artifact databases and Intelligence repositories.

Build configure and maintain Out of Band networks and communication systems

Litigation and eDiscoveryOn site collections and imaging

Imaging of systems laptops desktops mobile USB and network connected devices

Encryption bypass: Checkpoint Bitlocker McAfee Symantec

Custodian collections: remote users Microsoft Compliance Center

Legal Hold application for users applications shares devices etc

Building search models based on subpoenas court filings and attorney requirements

Endpoint Detection and Response

Crowdstrike & Microsoft Defender for Endpoint

Deployment Configuration Tuning Scripting Monitoring

Threat Analysis

Advanced Persistent Threat (APT) Groups and Tactics Techniques and Procedures (TTPs) Detection and Investigation

Network and Host protocols and services

File systems Services Uses Log analysis

Malware Analysis Remote access tools Ransomware

Lateral movement Data exfiltration

Digital Forensic & Incident Response

Ascertain the evidentiary value of computers network devices and other data systems.

Imaging of physical and virtual devices

Imaging and collection cloud systems

Analysis of systems and Proprietary REAPS

Advanced Persistent Threat (APT) Groups and Tactics Techniques and Procedures (TTPs) Detection and Investigation

Network and Host protocols and services

File systems Services Uses Log analysis

Malware Analysis Remote access tools Ransomware

Lateral movement Data exfiltration

Expertise using EnCase FTK Forensic AXIOM x-Ways IDA/Ghidra Wireshark Volatility 3 Microsoft Purview/DLP

At DXC Technology we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing productivity individual work styles and life circumstances. Were committed to fostering an inclusive environment where everyone can thrive.

If you are an applicant from the United States Guam or Puerto Rico

DXC Technology Company (DXC) is anEqual Opportunity employer. All qualified candidates will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin age disability pregnancy veteran status genetic information citizenship status or any other basis prohibited by law. View postings below .

We participate in addition to the posters already identified DXC provides access to prospective employees for theFederal Minimum Wage Poster Federal Polygraph Protection Act Poster as well as any state or locality specific applicant posters. To access the postings in the link below select your state to view all applicable federal state and locality postings. Postings are available in English and in Spanish where required. View postings below.

Postings Link

Disability Accommodations

If you are an individual with a disability a disabled veteran or a wounded warrior and you are unable or limited in your ability to access or use this site as a result of your disability you may request a reasonable accommodation by contacting us viaemail.

Please note: DXC will respond only to requests for accommodations due to a disability.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services such as false websites or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process nor ask a job seeker to purchase IT or other equipment on our information on employment scams is availablehere.