Computer Forensics Specialist - Mid-Level

The Computer Forensics Specialist supports USINDOPACOM's cyber intelligence mission by recovering, analyzing, and interpreting digital information from computers, networks, and electronic storage devices. These specialists apply forensic tools, cyber investigative methods, and analytic techniques to discover hidden, deleted, damaged, or manipulated data and transform technical findings into actionable intelligence. Analysts contribute directly to cyber threat understanding, adversary TTP analysis, target development, and operational planning across the Indo-Pacific theater.

Clearance: TS/SCI (with Poly if required)
Mission Area: USINDOPACOM J2 / Cyber Intelligence & Digital Forensics

Digital Forensics & Data Recovery

Applies forensic tools and investigative methods to recover data-including documents, emails, images, logs, and hidden or deleted files-from compromised or manipulated systems.
• Analyzes system artifacts, malware traces, file structures, and activity logs to determine how a system was accessed, exploited, or altered.
• Uses technical expertise to support digital evidence discovery, preservation, and analytic interpretation.

Technical Intelligence Reporting & Production

• Produces and disseminates cyber technical intelligence reports, including JIOC Reports, following approved analytic and formatting standards.
• Prepares technical cyber intelligence briefing slides for senior leadership, including:
• Commander, USINDOPACOM
• Deputy Commander
• Director of Intelligence (J2)
• Director of Operations (J3)
• Director of Command, Control, and Cyber (J6/Cyber)
• Provides ad hoc briefings and contributes to general military intelligence products.

Cyber Threat Analysis & Assessment

• Conducts predictive intelligence analysis on adversary cyberspace capabilities, including:
• Signature development
• Force mission understanding
• Order of battle
• Tactics, techniques, and procedures (TTPs)
• Training and exercise patterns
• Identifies cyber intelligence gaps and develops or refines collection requirements.

Coordination & Knowledge Integration

• Coordinates with national agencies and IC partners to contribute to a shared body of knowledge on adversarial cyber activities.
• Identifies adversary TTPs and integrates findings into broader cyber threat assessments.
• Supports cross-functional coordination with:
• Targeting teams
• Collections managers
• Joint Cyber Center
• USINDOPACOM operational planning elements

Forensic Support to Cyber Operations

• Conducts forensic analysis to support cyber effects, target development, and offensive/defensive cyber operations.
• Assists in developing intelligence supporting cyber actions and mission planning.
• Provides subject-matter expertise on digital forensics, intrusion detection, network defense, and malware behavior.

Technical Product Development & Review

• Reviews and/or produces technical target materials, coordinating with target material producers and consumers.
• Supports cyber planning through technical assessments, concept development, and capability integration.

Cyber Knowledge Management & Training

• Assists with cyber knowledge management, software requirements, and TTP development.
• Trains and mentors CyAG personnel in technical forensic processes and emerging tools.
• Evaluates emerging digital forensics technologies, methods, and tools to enhance analytic readiness.

Special Mandatory Qualifications / Certifications

Education & Experience

• Degree in Electrical Engineering, Computer Science, Information Technology, Systems Engineering, or related field.
• Minimum 2 years of experience in:
• Incident detection and response
• Cybersecurity
• Digital forensics

Technical Skills

• Experience with:
• Firewalls (operation and maintenance)
• Office 365 Security
• VSX networking/security
• Endpoint security platforms
• Proficiency in at least two programming/scripting languages, including:
• Python, C++, Java, Ruby, Node, Go, or PowerShell

Certifications & Domain Knowledge

• Strong awareness of cybersecurity trends, intrusion techniques, and hacker methodologies.
• Preferred certifications:
• Certified Ethical Hacker (CEH)
• ISFCE or IACIS forensic certifications

luehawk, LLC. is an Equal Opportunity/Affirmative Action Employer/EOE Minority/Female/Disabled/Veteran/Sexual Orientation/Gender Identity