Digital Forensics Analyst

About The Position

Requirements

• US Citizenship required
• 5+ years digital forensics experience (Windows, Linux, macOS)
• Experience with disk duplication, mobile forensics, malware analysis, and forensic toolsets
• Experience with AWS, Azure, M365, CloudTrail, IAM logs, EDR, SIEM, packet capture
• Ability to investigate Virtual Machines, CloudTrail, IAM logs.
• Accepted certifications include: GCIH, GCFA, GCFE, GREM, GISF, GXPN, GCTI, GOSI, EnCase (EnCE, CFSR, ENCEP)
• Clearance Requirement: Ability to obtain and maintain a Public Trust.
• Must be eligible for employment in the United States.
• We are unable to sponsor candidates at this time.

Responsibilities

• Perform network and media digital forensic investigations to support cybersecurity incident response, threat analysis, and enterprise security operations.
• Conduct advanced threat hunting activities across enterprise infrastructure to identify malicious activity, indicators of compromise (IOCs), and persistent threats.
• Utilize industry-standard forensic, malware analysis, and incident response tools, techniques, and procedures to investigate cybersecurity events and security incidents.
• Analyze malware, suspicious files, network traffic, and compromised systems to determine attack vectors, scope of compromise, and remediation recommendations.
• Execute proactive defense activities through IOC sweeps, host interrogation, and continuous threat hunting across systems operated by and on behalf of the organization.
• Support enterprise incident response activities by providing forensic analysis, technical findings, and status updates in accordance with established incident response procedures and reporting timelines.
• Develop, maintain, and update forensic analysis, malware analysis, and advanced threat hunting standard operating procedures (SOPs) and operational documentation.
• Prepare detailed forensic and incident response reports documenting investigative findings, technical analysis, root cause, remediation actions, and lessons learned.
• Develop and enhance forensic processes, detection capabilities, scripts, automation tools, and security content to improve investigative efficiency and threat detection.
• Coordinate and support insider threat investigations by collecting, analyzing, and preserving digital evidence in accordance with organizational and legal requirements.
• Produce recurring technical status reports and communicate investigative progress, trends, and risks to cybersecurity leadership and stakeholders.
• Collaborate with security operations, incident response, and cybersecurity engineering teams to strengthen enterprise detection, response, and defensive capabilities.

Benefits

• 3 weeks of Personal Leave your first year
• 11 paid Holidays each year
• 5 days of Flexible Time Off each year for approved training or certifications (self-study is ineligible)
• 401(k) company match at 50% up to 10% of your salary
• Medical, Dental and Vision Insurance
• Life and Disability Insurance
• Public Transportation Subsidies
• Certifications and Training Allowance - Up to $5,000/year!