Forensic Data Analyst I/II

Are you looking for a meaningful career that has a positive impact on the community? If you answered YES, come join the City of Sparks! Aside from working for an organization that is dedicated to the community, you will also receive a generous and competitive salary, benefit package, tuition reimbursement, bilingual pay (when applicable) and retirement plan. People who come to Sparks stay in Sparks.

The Ideal Candidate: The City's Information Technology Division is looking for an individual with a strong background in forensic lab practices and procedures, knowledge of evidence handling in a legal setting or law office, knowledge of discovery rules and/or rules of civil discovery and with the experience and ability to testify as an expert witness. This individual will work with City staff such as but not limited to the City Attorney's Office and City Clerk's office to perform work in support of the City's electronic discovery and public records needs.

Are you the ideal candidate? If so, apply now! 
 
 Application Tips:

• Fill out and update your general online application before attaching it to any new job posting. HR reviews information listed on the application submitted to the specific job posting.
• Contact information: use an email address you can easily access at any time.
• The Qualifications section below is your guide to understand what the City is looking for on your application, use this to your advantage. It is up to the candidate seeking employment/promotion to include all relevant information for qualification purposes, on the application the candidate submits to be considered for the job.
• DO attach: licenses/transcripts/certificates that will demonstrate you meet the education or certification requirements (see qualifications section to determine what documents to attach) or preferred experience/education.
• DO NOT attach resumes or cover letters. The City of Sparks does not review these items with the application. 
• Enable TEXT messaging in your application before you hit submit! This feature will allow the recruiter to send you important reminders throughout the recruitment process.
  

While this position is open until 09/30/2024, depending on qualified candidates, multiple application review dates may occur sooner. The posting may be extended or close without notice if a sufficient number of applications are received and a hiring decision can be made before then. Therefore, individuals are encouraged to apply immediately. Only complete applications will be reviewed for minimum qualifications. The first review of applications will happen by May 7, 2024. Applicants that apply after the first review are not guaranteed to be considered for this recruitment. 

If you have any questions, please email hrstaff@cityofsparks.us. The City of Sparks is an Equal Opportunity Employer. 

DESCRIPTION

Forensic Data Analyst I

Under direct supervision, responsible for processing electronic discovery, public records analysis, data recovery, and forensic investigations.
 
DISTINGUISHING CHARACTERISTICS
This is the entry level class in the Information Technology Forensic Data Analyst series. 

Forensic Data Analyst II
Under limited supervision, responsible for processing electronic discovery, public records analysis, data recovery, and forensic investigations. 
 
DISTINGUISHING CHARACTERISTICS
This is the experienced class in the Information Technology Forensic Data Analyst series. This class is distinguished from the Forensic Data Analyst I by performing extensive data analysis and recovery with a high degree of independence.

 Qualifications:

Applicants must possess the following minimum qualifications to continue in the recruitment process:
 

Forensic Data Analyst I

Education and Experience:
Bachelor's Degree with major course work in computer science, information security or a related field and one (1) year of technical experience working in cybersecurity and/or data analysis.
 
OR equivalent combination of education and experience.
 
Licenses and Certificates:
Must obtain within thirty (30) days of hire and maintain throughout employment, the equivalent to a valid Nevada Class C driver's license.
 
Must obtain within six (6) months of hire and maintain throughout employment, Network + and Security + certifications.
 
Must obtain within six (6) months of hire and maintain throughout employment, Incident Command System (ICS) 100/200.

Forensic Data Analyst II

Education and Experience:
Bachelor's Degree with major course work in computer science, information security or a related field and three (3) years of technical experience working in cybersecurity and/or data analysis.
 
OR equivalent combination of education and experience.
 
Licenses and Certificates:
Must obtain within thirty (30) days of hire and maintain throughout employment, the equivalent to a valid Nevada Class C driver's license.
 
Must obtain at time of hire and maintain throughout employment, Network+ and Security+ certifications.
 
Must obtain within six (6) months of hire and maintain throughout employment, Incident Command System (ICS) 100/200.

Examples of Essential Duties: Forensic Data Analyst I
Work with City staff to perform regular and extensive data recovery and analysis functions in support of a variety of needs including but not limited to the City’s electronic discovery and public records needs, public records analysis, data recovery operations and forensic investigations.

Assist the Security Administrator with the ongoing development of the City’s overall security platforms in relation to industry standard forensic practices, forensic data investigation, analysis, and recovery efforts in response to cybersecurity events. Maintain confidentiality handling highly sensitive and confidential matters and materials.
 
Extract data using native tools and computer forensic tools from systems such as but not limited to Office 365, network shares, SQL databases, Windows servers, Windows desktops, and Linux systems. Conduct live analysis on networks, and multiple platforms.
 
Provide subject matter expertise on data forensics by maintaining current technical knowledge and trends, industry best practices, and City policies and procedures related to the work. Review publications, attend trainings and workshops. Testify to authenticate records or as an expert witness as needed.
 
Prepare operational documentation for use by City staff and conduct security assessments and exams on compromised computers and servers.
 
Serve on various City committees and serves as a liaison with outside consultants, vendors and peer institution groups as needed. Work with internal customers and peer organizations to perform research, testing, evaluation and implementation of enterprise servers and systems.
 
Perform other duties which may be assigned.
 
Knowledge, Skills and Abilities:

• Knowledge of rules of discovery and/or rules of civil discovery
• Knowledge of forensic lab practices and procedures and evidence handling
• Knowledge of Active Directory, LDAP and Single Sign-On including support services and technologies such as but not limited to DNS, DHCP, Group Policy, OU structures and security delegation models
• Knowledge of computer security procedures and best practices
• Knowledge of basic accounting, statistical, business administration and office procedures
• Knowledge of and ability to use computer applications, related software, and operating systems such as but not limited to Windows servers and desktops, macOS, iOS, Android, Linux and UNIX, Office 365, network shares, SQL databases, and native and computer forensic tools such as Exterro
• Ability to understand and follow oral and written directions
• Ability to organize and prioritize work schedule and handle multiple priorities, projects, and complex tasks
• Ability to work in a team-based environment to achieve common goals
• Ability to communicate clearly and concisely, both orally and in writing, maintain accurate logs and records
• Ability to establish and maintain effective relationships with those contacted during work
• Ability to follow and maintain confidentiality
• Ability to train others in work procedures

Physical Demands:
Requires ability to work in a typical office setting and use standard office equipment. Ability to stand or sit for prolonged periods of time.  Occasionally stoop, bend, kneel, crouch, crawl, reach and twist. Occasionally lift, carry push, and/or pull light to moderate amounts of weight frequently and to use assisted lifting techniques to lift50-75 pounds. Ability to operate office equipment requiring repetitive hand movement and fine coordination including use of a computer keyboard. Some work is performed in a computer operations environment with exposure to noise, dust, fumes and controlled environments.
 
SUPPLEMENTAL JOB POSTING INFORMATION

• This position is Exempt under FLSA guidelines
• This position is at-will and exempt from the Regulations of the Civil Service Commission 
• This position reports to the Information Technology Manager 
• Supervision exercised: None. May act as the Information Technology Security Administrator 
• Irregularities in the work schedule are expected and occur on a regular basis
• May be required to work during emergency circumstances or inclement weather conditions 
• May be required to pass a pre-placement drug screen and background investigation

Forensic Data Analyst II
Work with City staff to perform regular and extensive data recovery and analysis functions in support of a variety of needs including but not limited to the City’s electronic discovery and public records needs, public records analysis, data recovery operations and forensic investigations.

Assist the Security Administrator with the ongoing development of the City’s overall security platforms in relation to industry standard forensic practices, forensic data investigation, analysis, and recovery efforts in response to cybersecurity events.  Maintain confidentiality handling highly sensitive and confidential matters and materials.
 
Extract data using native tools and computer forensic tools from systems such as but not limited to Office 365, network shares, SQL databases, Windows servers, Windows desktops, and Linux systems. Conduct live analysis on networks, and multiple platforms.
 
Provide subject matter expertise on data forensics by maintaining current technical knowledge and trends, industry best practices, and City policies and procedures related to the work. Review publications, attend trainings and workshops. Testify to authenticate records or as an expert witness as needed.
 
Prepare operational documentation for use by city staff and conduct security assessments and exams on compromised computers and servers.
 
Serve on various city committees and serves as a liaison with outside consultants, vendors and peer institution groups as needed. Works with internal customers and peer organizations to perform research, testing, evaluation and implementation of enterprise servers and systems.
 
Perform other duties which may be assigned.
 
Knowledge, Skills and Abilities:

• Knowledge of discovery rules and/or rules of civil discovery
• Knowledge of forensic lab practices and procedures and evidence handling
• Knowledge of Active Directory, LDAP and Single Sign-On including support services and technologies such as but not limited to DNS, DHCP, Group Policy, OU structures and security delegation models
• Knowledge of computer security procedures and best practices
• Knowledge of basic accounting, statistical, business administration and office procedures
• Knowledge of and ability to use computer applications, related software, and operating systems such as but not limited to Windows servers and desktops, macOS, iOS, Android, Linux and UNIX, Office 365, network shares, SQL databases, and native and computer forensic tools such as Exterro
• Ability to understand and follow oral and written directions
• Ability to organize and prioritize work schedule and handle multiple priorities, projects, and complex tasks
• Ability to work in a team-based environment to achieve common goals
• Ability to communicate clearly and concisely, both orally and in writing, maintain accurate logs and records
• Ability to establish and maintain effective relationships with those contacted during work
• Ability to follow and maintain confidentiality
• Ability to train others in work procedures

Physical Demands:
Requires ability to work in a typical office setting and use standard office equipment. Ability to stand or sit for prolonged periods of time.   Occasionally stoop, bend, kneel, crouch, crawl, reach and twist. Occasionally lift, carry push, and/or pull light to moderate amounts of weight frequently and to use assisted lifting techniques to lift 50-75 pounds. Ability to operate office equipment requiring repetitive hand movement and fine coordination including use of a computer keyboard. Some work is performed in a computer operations environment with exposure to noise, dust, fumes and controlled environments.

SUPPLEMENTAL JOB POSTING INFORMATION

• This position is Exempt under FLSA guidelines
• This position is at-will and exempt from the Regulations of the Civil Service Commission 
• This position reports to the Information Technology Manager 
• Supervision exercised: None. May act as the Information Technology Security Administrator
• Irregularities in the work schedule are expected and occur on a regular basis
• May be required to work during emergency circumstances or inclement weather conditions 
• May be required to pass a pre-placement drug screen and background investigation

Application and Recruitment Information:You are required to submit any required documents as requested above, at time of application for further consideration. Failure to submit the required and/or requested information may result in rejection of your application. 

Recruitment Communication:
Human Resources will be contacting you at various stages of the recruitment process via email, even if you have chosen U.S. mail for prior application processes or for applications with other agencies. Please make sure your email address is accurate.

Reasonable Accommodation:
Human Resources will make efforts to provide reasonable accommodations to disabled candidates in the selection process. If you have special needs, please notify the Human Resources office when you turn in your application or at least three (3) business days prior to the examination/interview by calling (775) 353-2345.

Disclaimer:
The City of Sparks reserves the right to select applicants who demonstrate the best combination of qualifications for the position.