Address
Form of workThe Bozeman Police Department is now accepting applications for a Digital Forensics Analyst who will oversee the secure computer forensic laboratory and perform highly specialized physical evidence examinations related to computer and Digital Forensics. This position will apply industry-accepted Digital Forensics principles in acquiring, collecting, preserving, and processing structured and unstructured data according to established procedures and protocols.
This is a full-time opportunity with many benefits! As a City of Bozeman employee, you will be part of a team that is committed to positively impacting the community. This great opportunity also provides enrollment in an established retirement system with significant employer contribution (9.07%), generous vacation and sick time accruals, 8 weeks of paid parental leave, and excellent medical/dental/vision benefits.
Bargaining Unit: Montana Federation of Public Employees (MFPE)
Fair Labor Standards Act Status: Non-Exempt
Work Week: Typically Monday - Friday; 8:00am - 5:00pm though additional or varying hours may be required including evenings and weekends due tot he nature of the position.
Examples of Essential Work (Illustrative Only)
- Conducts comprehensive forensics examinations of computer based digital evidence;
- Maintains and manages a secure Computer Forensic Laboratory that optimizes the investigative process as it relates to digital media;
- Uses appropriate tools to identify, collect, preserve, and analyze electronic data from computers, servers, mobile devices, or other digital media platforms;
- Applies industry-accepted Digital Forensics principles in acquiring, collecting, preserving, and processing structured and unstructured data according to established procedures and protocols;
- Processes crime scenes including collecting electronic and digital evidence, and photographing scenes and evidence;
- Maintains custody of evidence to ensure secure storage and timely retrieval including documenting the security, transfer, and chain of custody for items;
- Conducts forensic examinations and complex analysis in order to develop forensically sound evidence using a wide variety of advanced computer technologies and forensic theories;
- Recovers and restores deleted user data, hidden data, file fragments and temporary files;
- Performs duplicate data back-up of evidence received to preserve the state of those materials at the time of receipt;
- Prepares, produces, and organizes case materials, court exhibits, and reports in appropriate format for city, county, and federal prosecutors;
- Provides oral and written communications concerning results of examinations to include testimony at trial;
- Implements correct seizure, handling, packaging, transferring, and chain of custody for evidence;
- Provides technical assistance and evidence review to appropriate personnel on digital evidence;
- Establishes and maintains professional working relationships with other federal and local investigators or agencies;
- Works cases with sensitive digital materials including child sexual abuse material, sex-related offense media, graphic imagery, and messaging;
- Assists in the general evidence collection, documentation, and processing of other types of physical evidence in the cataloging, preservation, retention, and appropriate destruction of all types of evidence as needed;
- Keeps immediate supervisor and designated others fully and accurately informed concerning work progress, including present and potential work problems and suggestions for new or improved ways of addressing such problems;
- Attends meetings, conferences, workshops, and training sessions and reviews publications and audio-visual materials to become and remain current on principles, practices, and new developments in assigned work areas;
- Responds to citizens' questions and comments in a courteous and timely manner;
- Communicates and coordinates regularly with appropriate others to maximize the effectiveness and efficiency of interdepartmental operations and activities;
- Performs other duties consistent with the role and function of the classification.
- Bachelor's Degree in Computer Science, Computer Forensics, or related field; and
- Some (2-4 years) experience conducting Digital Forensic investigations or analysis;
- Any equivalent combination of experience and training which provides the knowledge, skills and abilities necessary to perform the work.
- Substantial knowledge of the proper and efficient handling of crime scene evidence using current techniques, in accordance with prescribed guidelines;
- Substantial knowledge of the procedures needed for secure chain of evidence requirements within a criminal prosecution;
- Substantial knowledge of the use of forensic tools (e.g. Cellebrite UFED and Physical Analyzer, Cellebrite Premium, GreyKey, Xways Forensics, EnCase® Forensic and Enterprise Editions, Forensic Toolkit®, Linux based tools, etc.) and ability to articulate, in detail, the processes being conducted by these automated forensic tools;
- Some knowledge of Linux operating system, computer networking, web services, hosting, and related technologies;
- Some knowledge of or ability to learn language and/or syntax of Python, C#, Javascript, and HTML;
- Substantial knowledge of hardware and software troubleshooting techniques;
- Some knowledge of forensic write blockers and forensic imaging techniques;
- Ability to use judgment in interpreting and applying procedures or directions to specific cases;
- Ability to develop programs, software, and applications to discover, sort, and present digital media evidence;
- Ability to testify to procedures used in processing digital evidence;
- Ability to learn the Montana Codes and Bozeman Police Department policies relating to the collection, examination, handling, and storage of law enforcement evidence;
- Ability to interpret, process, and translate file and operating system artifacts across a variety of platforms;
- Ability and willingness to maintain the confidentiality of sensitive data;
- Ability to communicate effectively with others, both orally and in writing, using both technical and non-technical language;
- Ability to understand and follow oral and/or written policies, procedures, and instructions;
- Ability to prepare and present accurate and reliable reports containing findings and recommendations;
- Ability to operate a personal computer using standard or customized software applications appropriate to assigned tasks;
- Ability to use logical and creative thought processes to develop solutions according to written specifications and/or oral instructions;
- Ability to perform a wide variety of duties and responsibilities with accuracy and speed under the pressure of time-sensitive deadlines;
- Ability and willingness to quickly learn and put to use new skills and knowledge brought about by rapidly changing information and/or technology;
- Integrity, ingenuity and inventiveness in the performance of assigned tasks.
- Consistently performs assignments in accordance with the City's Core Values of Integrity, Leadership, Service and Teamwork.
- Possession of a valid Driver's License and obtain Montana class D Driver's License within 60 days of employment;
- Criminal Justice Information Network (CJIN)/National Crime Information Center (NCIC) Certifications within 180 days of employment;
- Certification specific to the functional area of assignment (e.g. IACIS Certified Computer Forensic Analyst, GIAC Certified Forensic Examiner, ISFCE Certified Computer Examiner, or similar) within 1 year of employment;
- As a condition of continued employment, must possess and retain ability to provide credible testimony in court;
- Offers for employment are conditional upon satisfactory completion of the conditional offer process;
