Description:
This role is designed for experienced cybersecurity practitioners to participate in a skills assessment pilot aligned to the Cyber Defense Forensics Analyst (Work Role 212 / PD-WRL-002). The purpose of this engagement is assessment validation and standard-setting, not hiring, ranking, or performance evaluation.
The Contract SME will complete a structured assessment and a brief survey only. This role does not involve teaching, instructional design, content creation, consulting, facilitation, or advisory responsibilities.
- Complete a practitioner-level skills assessment
- Complete a short post-assessment survey
- No meetings, facilitation, reviews, or follow-up work
This is a finite, transactional engagement with clearly defined deliverables.
- Estimated assessment length: ~120 items
- Estimated completion time: Approximately 1 hour
- Assessment window: Must be completed within a defined access period (typically 5 business days once access is granted)
- Once started, the assessment must be completed within 24 hours
Requirements:
Candidates must be current practitioners with applied, real-world experience analyzing digital evidence and supporting cybersecurity investigations. Familiarity should align with one or more of the following areas:
- Conducting digital forensic analysis in support of cybersecurity investigations
- Collecting, preserving, and analyzing digital evidence from endpoints, servers, or network sources
- Applying forensic principles to maintain evidence integrity and chain of custody
- Investigating computer security incidents to determine scope, impact, and root cause
- Analyzing logs, memory, disk images, and network artifacts
- Using forensic and investigative tools to support incident response and vulnerability mitigation
- Understanding common attack techniques, malware behaviors, and adversary tradecraft
- Supporting incident response teams with forensic findings and technical insights
- Documenting investigative processes, findings, and conclusions in clear reports
- Understanding legal, policy, and procedural considerations related to forensic investigations
Minimum Performance Expectation
- Participants must score above 50% on the assessment
- This threshold exists only to confirm practitioner-level participation
- Results are not used for hiring, ranking, or performance evaluation
- Active cyber defense, DFIR, or digital forensics practitioner
- Hands-on experience performing forensic analysis during real security incidents
- Comfortable working with ambiguous or incomplete data
- Familiar with forensic tooling, evidence handling, and investigative workflows
- Reliable and able to complete work within a short, defined window
- One completed skills assessment
- One completed post-assessment survey
- Flat-fee contract payment
- Paid upon successful completion of the assessment and survey
