eDiscovery & Forensics Analyst

Duties

The eDiscovery & Forensics Analyst's duties and responsibilities include the following:

• Maintaining and administering eDiscovery case management system; collaborate with departments and vendors for training and feature enhancements
• Coordinating eDiscovery cases: preserve, collect, process, and review data across email systems, servers, endpoints, and cloud platforms
• Implementing security and backup/recovery processes; apply patches, configure systems, and monitor performance
• Installing and configuring software, write scripts or utilities, and develop automated reports
• Providing expert guidance and user support related to eDiscovery tools, case management, digital evidence testimonials, investigation methodologies, and other tools
• Translate technical findings and digital evidence into clear, actionable reports and training for non-technical stakeholders
• Utilizing digital evidence and forensic tools to image devices, recover deleted files, and prepare forensic reports for legal, audit, and investigative teams
• Supporting legal hold processes and associated documentation to ensure defensible preservation of data
• Developing and maintaining standard operation procedures (SOPs), checklists, and guidance on documents for forensic and eDiscovery processes
• Monitoring and auditing system logs, access records, and chain-of-custody logs to ensure compliance with internal policies and legal standards
• Maintaining integrity of the evidence room by enforcing strict chain-of-custody protocols and access logging
• Utilizing project organization management including scheduling, milestones, deliverables to achieve successful outcomes
• Collaborating and communicating with IT teams across multiple agencies, legal counsel, custodians of records, and HR for digital data/evidence collection, legal holds execution, and preservation of digital data/assets

A certification in one of the following is strongly preferred but not required:

• Forensic: EnCE (EnCase Certified Examiner), GCFE (GIAC Certified Forensic Examiner), GCFA (GIAC Certified Forensic Analyst), CCE (Certified Computer Examiner), or equivalent
• eDiscovery: Relativity Certified Administrator, CEDS (Certified eDiscovery Specialist)
• Security: Security+, CISSP (Certified Information Systems Security Professional)

 Earn a Degree in Crime Scene Investigation, Forensic Science, or Computer Forensics

Requirements

DESIRABLE QUALIFICATIONS AND CORE COMPETENCIES

• In addition to the minimum qualifications, the ideal candidate will possess at least two (2) years of work experience performing systems analysis/administration involving evidence collection, platform administration, tool usage, or a combination of the above.

The ideal candidate will have experience in the following competencies:

Technical Knowledge | Technical Expertise

• Analyzing, maintaining and administering network, server, desktop, and application components within the forensics infrastructure environment
• Experience with scripting languages: PowerShell or Python
• Understanding of forensic methodologies, eDiscovery lifecycle, chain-of custody and familiarity with applicable laws, regulations, and organizational policies (i.e. PRA, CJIS, HIPAA, etc.)
• Understanding Information Technology and applying advanced methodologies, principles, and concepts to coordinate major projects
• Understanding of information security architecture, information security technologies, tools, appliances, practices and controls
• Utilizing technical project management methodology
• Evaluating new forensic and eDiscovery tools or techniques to enhance efficiency, accuracy, or automation
• Analyzing digital evidence to ensure defensible preservation of data
• Utilizing information security architecture, information security technologies, tools, practices, and controls
• Knowledge/background in system analysis concepts and principles

Relationship Building | Interpersonal Skills

• Collaborating and interacting with various levels of staff, including office support staff, supervisors, managers and executives
• Building collaborative partnerships with private and public Agencies, Departments, Organizations, and communities
• Working with various organizational units in order to meet the Enterprise Security team goals and missions

Oral | Written Communication Skills

• Preparing and orally presenting program training and support information to various groups
• Communicating, coordinating, and collaborating with County agencies to ensure effective service delivery
• Translating and developing technical findings into clear, actionable reports and documentation for non-technical stakeholders

LICENSE REQUIREMENT

• Possession of a California Class C Driver License is Required.

Do you have the Education Required? See available on-line and campus-based degree programs now!