Cyber Host Forensic Analyst II
Job description
TL;DR
Cyber Host Forensic Analyst II (Cybersecurity): Acquiring and analyzing computer artifacts from systems during onsite incident response engagements, with an emphasis on forensic triage, evidence preservation, and intrusion narrative development. Focus on correlating host forensics with network events, using industry-standard tools to characterize cyber attacks, and producing detailed investigative reports.
Location: Arlington, VA (onsite). U.S. Citizenship required with active TS/SCI clearance and ability to obtain DHS Suitability.
Company
provides full-spectrum cyber, data operations, systems integration, and intelligence mission support to intelligence community, defense, civil, and commercial markets.
What you will do
- Acquire and collect computer artifacts like malware and user activity from systems during onsite engagements.
- Triage electronic devices, correlate forensic findings with network events, and develop intrusion narratives.
- Perform incident triage, document system state, and track forensic analysis from start to resolution.
- Analyze forensic images, log files, and evidence using forensic tools to identify threats and create timelines.
- Produce written reports on digital forensic findings and assist in publishing incident guidance.
- Follow evidence handling procedures, validate images with hashing, and conduct all-source research on incidents.
Requirements
- U.S. Citizenship with active TS/SCI clearance and DHS Suitability.
- BS in Computer Science, Computer Engineering, or related field (or equivalent experience).
- 2+ years in cyber forensic investigations with leading forensic tools.
- Experience creating forensic images, writing investigative reports, and handling evidence/chain of custody.
- Knowledge of cyber attack analysis, system/network threats, and proactive security analysis.
- Ability to work collaboratively across locations.
Nice to have
- Experience with EnCase, FTK, SIFT, X-Ways, Volatility, Wireshark, Sleuth Kit/Autopsy, Splunk, Snort, or EDR tools like CrowdStrike/Carbon Black.
- All-source research experience.
- Certifications: GCFA, GCFE, EnCE, CCE, CFCE, CISSP.
Culture & Benefits
- Collaborative environment with talented teams focused on innovation and solving complex cybersecurity challenges.
- Opportunity to work on critical missions supporting U.S. Government agencies and critical asset owners.
- Equal Opportunity Employer committed to diversity and inclusion.