Cybersecurity Forensics and Malware Lead

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Technology, or related discipline
• Minimum of 5 years of incident response experience in a large SOC, including at least 3 years focused on digital forensics
• At least 3 years of experience conducting disk, memory, and registry analysis using industry-standard forensic tools such as EnCase, FTK, X-Ways, and Volatility
• Strong understanding of file systems and operating system artifacts (e.g., SRUM, Prefetch, Shellbags)
• Familiarity with federal evidence handling requirements and chain-of-custody procedures
• Certification required: GCFA, GREM, CFCE, or OSED
• Ability to obtain and maintain a Public Trust clearance

Responsibilities

• Lead digital forensic and malware analysis operations in support of cybersecurity activities for the federal customer
• Provide subject matter expertise for forensic investigations across Windows, Linux, macOS, cloud, and enterprise environments
• Perform both static and dynamic malware analysis to identify indicators of compromise, adversary techniques, and root causes
• Analyze forensic artifacts, memory images, endpoint data, and SIEM telemetry to detect malicious activity
• Coordinate with incident response and triage teams to support investigation, containment, and recovery efforts
• Conduct live forensic investigations using enterprise security tools and approved forensic platforms
• Collect, preserve, and manage digital evidence in accordance with forensic standards and procedures
• Produce detailed forensic and malware analysis reports documenting findings and investigative results
• Support real-time investigations involving high-severity security incidents
• Analyze advanced threats including ransomware, phishing campaigns, and sophisticated malware
• Perform memory analysis and data recovery using approved forensic methodologies
• Correlate data from endpoint, network, identity, and cloud sources to support investigations
• Communicate findings to leadership and cybersecurity teams, ensuring timely escalation as needed
• Review forensic deliverables for accuracy, completeness, and compliance with SLAs
• Develop and maintain forensic SOPs, playbooks, and investigative procedures
• Support reporting and awareness efforts by contributing forensic insights and threat trends
• Participate in technical briefings and operational meetings
• Drive improvements in forensic and investigative processes
• Support onboarding, training, and knowledge transfer activities

Benefits

• 3 weeks of Personal Leave your first year
• 11 paid Holidays each year
• 5 days of Flexible Time Off each year
• 401(k) company match at 50% up to 10% of your salary
• Medical, Dental and Vision Insurance
• Life and Disability Insurance
• Public Transportation Subsidies
• Certifications and Training Allowance - Up to $5,000/year!