Division/Unit: High Technology Analysis Unit
Salary Range: $62,122 – $70,000
The New York County District Attorney’s Office has an immediate opening for a Cyber Response Investigator in the High Technology Analysis Unit (HTAU) of its Cybercrime and Identity Theft Bureau. The Cybercrime and Identity Theft Bureau (CITB) is committed to protecting the public by combating sophisticated cybercrime and identity theft schemes in Manhattan and worldwide. The Bureau prosecutes cases involving check and credit card fraud, cyber impersonation, child exploitation and pornography, cyber-stalking, cyber-bullying, computer hacking, as well as white-collar crimes involving money laundering and threats to financial institutions. In this position the Investigator’s role as a hybrid cybersecurity incident responder/digital forensic examiner is responsible for providing highly sophisticated analytical and investigatory support to the unit and the office at large.
Responsibilities include but are not limited to:
- Participate in the execution of search warrants to identify, triage, forensically acquire and preserve live digital evidence in a holistic manner consistent with best forensic practices.
- Collaborate with case investigators to plan and create tactical strategies for collecting live digital evidence.
- Enhance procedures designed for onsite preservation and collection of digital evidence.
- Discover live engagement techniques via research and testing that enhance online investigations. Then with legal approval develop & engage in said activities.
- Investigate digital theft, cyber fraud, data exfiltration events, website attacks, email spoofing, malware infected devices, cryptocurrency scams, various types of network attacks and conventional cybercrimes on live systems and seized devices using digital forensic and incident response methods.
- Analyze forensic images for indicators of compromise and various types of digital evidence on Windows, Linux, & Mac operating systems using industry standard digital forensic tools such as X-Ways, Axiom, FTK, EnCase, Cybertriage.
- Extract data and create reports from Android & iOS based mobile devices using the latest industry standard mobile forensic tools.
- Investigate reports of malicious web hacks/intrusions from corporations, small businesses, and individual citizens by forensically acquiring and examining assorted evidence types such as: event logs, memory captures, pcap files, system files, emails, and hard disks from servers, desktops and mobile devices.
- Perform in-field Wi-Fi assessment surveys on all 802.11x bands using commercial and customized tools subsequently preparing reports of actions and findings.
- Prepare written summary reports to document all field work conducted including but not limited to: digital evidence collection efforts, cyber engagements efforts, and victim or witness interviews.
- Collect intelligence on potential targets using open source tools (OSINT) and law enforcement databases.
- Report on daily engagements and research/development activities utilizing the unit’s internal tracking system.
- Testify in support of case prosecution about all field and laboratory activities conducted during any investigation.
- Evaluate new technology that will help identify digital evidence for unique cyber investigations while documenting effective techniques that can be standardized for use in the computer forensics unit.
- Train and certify in relevant digital forensics/incident response topics while maintaining certifications and improving skillset.
- Update and log all software/hardware purchases for the purpose of cyber response investigations.
- Routinely train/educate legal and support staff of cyber threats, to provide awareness and avoidance techniques.
- Conduct periodic hardware and evidence audits when it is required to do so.
Minimum Qualification Requirements:
1. Bachelor’s degree required; preferably in Information Security, Digital Forensics, Cyber Security, or a Computer Science-related technical discipline.
2. One (1) year of working experience in a related field.
- Experience in digital evidence collection, forensic imaging, and/or digital evidence handling.
- Forensic experience with Windows, Linux, and Mac operating systems.
- Forensic experience with Android and iOS operating systems.
- Strong proficiency in Microsoft Office.
- Ability to work with frequent interruptions and adapt to changes in workflow.
- Ability to work independently and manage multiple short-term projects.
- Must be able to organize assigned tasks and report progress updates autonomously.
- Ability to follow directions and apply proper policies, procedures, and guidelines.
- Strong attention to detail and high concern for data accuracy.
- Dependable team player who works collaboratively and cooperatively with staff in a team-oriented environment.
- Must be able to perform under pressure in a fast-paced environment, detail oriented and self-motivated and able to multi-task.
- Must be willing to routinely attend field engagements.
- Must possess a high level of curiosity and an innate appreciation of technology.
- Must possess the ability to research and find solutions to technical issues.
- Ability to interact with all levels of staff and law enforcement.
- Master’s degree; preferably in Information Security, Digital Forensics, Cyber Security, or a Computer Science-related technical discipline
Preferred Technical Requirements:
- Certifications related to information security, cyber security, penetration testing, incident response, and/or digital forensics will be strongly considered. Applicant should highlight any applicable certifications in their cover letter and resume accordingly (include any applicable tool specific vendor certifications, etc.).
- Examples of relevant certifications are: CEH, CHFI, CIH, CySA+, PenTest+, Security+, GNFA, GCIH, GCFE, GCFA, GPEN, GWAPT, GCTI and any other similarly relevant certification.
- Below are examples of proficiencies that preferred candidates may possess for consideration:
- Previous experience with incident response.
- Previous experience working in a digital forensic lab.
- Experience testifying to analyses in a courtroom setting.
- Demonstrative skills and experience with Linux operating systems such as Ubuntu, Debian, Kodi, Parrot etc.
- Experience scripting with Bash, PowerShell, CMD etc.
- Experience with a programing language such as Python, Java, C, etc.
- Strong IT networking skills and/or network related certifications.
- Familiarity with cryptocurrency and Web 3 technologies.
- Basic understanding of HTML, web apps and related web technologies.
- Understanding of the Darknet, Tor and onion sites.
- Experience sandboxing malicious files.
- Experience in conducting live evidence triage and forensic acquisitions.
- Understanding network forensics conceptually.
- Red Team / Blue Team familiarity and mindset.
- Working knowledge of the IEEE 802.11 protocol.
- Two (2) year commitment to hiring unit.
How to Apply:
- Apply with a Cover Letter and Resume.
- Current office employees: To be eligible for a transfer or promotion, staff must have already served at least 1 year in their current position and be in good standing. In addition, must meet the minimum qualifications of the position.
- Authorization to work in the United States is required for this position.
- As a current or prospective employee of the City of New York, you may be eligible for federal loan forgiveness programs and state repayment assistance programs. Please review the notice to see if you may be eligible for programs and how to apply at nyc.gov/studentloans .
The New York County District Attorney’s Office is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual’s sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.About Us
The New York County District Attorney’s Office serves and protects the People of New York through the fair administration of justice, without fear or favor. The Office’s professional staff perform a variety of key functions, including supporting the Trial, Investigation, and Appeals Divisions, as well as other prosecution support and office functions. Our support staff receive a competitive salary and a generous benefits package, as well as unparalleled opportunities for professional development.
The New York County District Attorney’s Office is an Equal Opportunity Employer, committed to recruiting and retaining a diverse and culturally responsive workforce. Given the diverse nature of our community, the ability to work with people of different backgrounds is critical. The Office seeks to have a staff that reflects the diversity of the community that we serve. To that end, all applicants will be considered without regard to actual or perceived race, color, national origin, religion, sexual orientation, marital or parental status, disability, sex, gender identity or expression, age, prior record of arrest; or any other basis prohibited by law. These protections extend to all management practices and decisions, including recruitment and hiring practices, appraisal systems, promotions, training, and career development programs.About the Team
The Professional Staff Recruitment Team at DANY supports the Office’s initiatives to have a staff that reflects the diversity of the community that we serve. We seek employees that are interested in a career in the public sector and will support the Office’s initiative of Moving Justice Forward.
For questions or inquiries, please contact [email protected].