Mobile Threat & Forensics Analyst

SPECIAL AEROSPACE SECURITY SERVICES INC•Washington, DC

6d•Hybrid

About The Position

Special Aerospace Security Services, Inc. (SASSI) is seeking a highly motivated Mobile Threat & Forensics Analyst to support a U.S. Government customer in delivering advanced mobile security, malware analysis, digital forensics, and incident response support services within enterprise cybersecurity environments. This position supports evolving cybersecurity operations focused on mobile threats, advanced forensic investigations, malware analysis, phishing investigations, mobile application analysis, and proactive threat identification activities across both traditional and mobile platforms. The selected candidate will work closely with cybersecurity operations, threat intelligence, incident response, and enterprise security teams to support investigative, analytical, and operational cybersecurity missions. SASSI is seeking candidates capable of supporting complex investigative and analytical activities with minimal oversight while operating within fast-paced operational environments supporting federal cybersecurity missions.

Requirements

U.S. Citizenship required
Active Secret clearance required
Bachelor’s degree in Cybersecurity, Computer Science, Digital Forensics, Information Technology, Computer Engineering, or related discipline (equivalent experience considered)
Minimum 5 years of experience supporting cybersecurity operations, malware analysis, digital forensics, incident response, mobile security, or related investigative activities
Experience supporting forensic investigations involving Windows, Linux, iOS, and/or Android platforms
Experience analyzing phishing emails, malicious files, suspicious URLs, and indicators of compromise
Familiarity with malware analysis concepts, digital forensic methodologies, and incident response procedures
Experience utilizing cybersecurity and forensic tools such as: Cellebrite, FTK, EnCase, Volatility, Wireshark, IDA Pro, Ghidra, X-Ways, VirusTotal, Sandbox analysis platforms
Understanding of operating systems, file systems, executable formats, and network protocols
Experience with scripting or automation using Python, PowerShell, Bash, or similar languages
Strong analytical, investigative, documentation, and communication skills
Ability to work independently within operational cybersecurity environments

Nice To Haves

8+ years of experience supporting malware analysis, mobile security, digital forensics, threat hunting, or incident response operations
Advanced experience conducting mobile forensic investigations across iOS and Android platforms
Experience with advanced mobile extraction methodologies and tools such as: Cellebrite Premium, GrayKey, Oxygen Forensics
Experience performing reverse engineering and analysis of malicious mobile applications, APK/IPA files, and mobile malware
Experience analyzing nation-state, spyware, or advanced persistent threat (APT) activity targeting mobile platforms
Familiarity with Android and iOS internals, mobile operating system artifacts, SQLite databases, plist files, logs, and mobile telemetry
Experience supporting enterprise mobile security initiatives, including Mobile Device Management (MDM) or Enterprise Mobility Management (EMM) environments
Experience performing proactive threat hunting, detection engineering, or advanced forensic analysis activities
Experience supporting classified, federal, or national security cybersecurity environments
Ability to mentor junior analysts and support complex investigative or incident response activities with minimal oversight
GREM
GCFA
GNFA
GCIH
GCED
CISSP
CASP+
CySA+
Security+
CREA
OSCP / OSEP
CEH

Responsibilities

Perform malware analysis utilizing static and dynamic analysis techniques to identify malicious behavior, persistence mechanisms, attack vectors, and indicators of compromise (IOCs)
Conduct digital forensic analysis of systems, removable media, and mobile devices involved in cybersecurity incidents or investigations
Perform mobile device forensic analysis across iOS and Android platforms utilizing forensic acquisition and analysis tools
Investigate phishing emails, malicious attachments, suspicious URLs, spoofed domains, and command-and-control (C2) communications
Analyze mobile applications, APK/IPA files, suspicious software, and mobile-specific attack techniques
Capture and analyze volatile memory, logs, browser artifacts, system activity, and forensic evidence from compromised devices and systems
Support proactive threat identification, mobile threat analysis, and investigative activities across enterprise environments
Develop indicators of compromise (IOCs), signatures, YARA rules, detection logic, and analytical findings to support threat detection and incident response
Collaborate with cybersecurity operations, threat intelligence, vulnerability management, and incident response teams
Prepare technical reports, forensic findings, investigative summaries, and operational briefings
Maintain proper evidence handling, chain-of-custody, and investigative documentation procedures
Support analysis of emerging threats, malware trends, and mobile security risks impacting enterprise environments