Cloud Forensic Analyst III (Cybersecurity)

TL;DR

Cloud Forensic Analyst III (Cybersecurity): Conducting onsite incident response and network forensics for US Government agencies to mitigate cyber-attacks with an accent on breach characterization and mitigation planning. Focus on analyzing network traffic, identifying anomalies via metadata, and reconstructing malicious attacks to ensure the security of critical infrastructure.

Location: Onsite in Arlington, VA. US Citizenship and active TS/SCI clearance are mandatory.

Company

hirify.global provides advanced cyber, data operations, and intelligence mission support services to the US Government and commercial markets.

What you will do

• Coordinate preliminary incident response investigations and interface with government customers onsite.
• Determine appropriate courses of action to respond to anomalous network activity.
• Assess network topology and device configurations to identify security concerns and provide best practice recommendations.
• Collect and analyze network intrusion artifacts such as PCAPs, domains, and certificates to enable mitigation.
• Analyze malicious activity to determine exploitation methods and effects on system information.
• Handle real-time CND incidents, including forensic collections, intrusion correlation, and threat analysis.

Requirements

• U.S. Citizenship and active TS/SCI clearance required.
• Ability to obtain DHS Suitability.
• 8+ years of directly relevant experience in network investigations.
• In-depth knowledge of TCP/IP, CND policies, and standard protocols (HTTP, DNS, SSH, SMTP, etc.).
• Substantial knowledge of Splunk (or other SIEMs) and the MITRE ATT&CK framework.
• Bachelor's degree in Computer Science, Cyber Security, or related field (or HS Diploma with 10+ years of experience).

Nice to have

• Proficiency with Wireshark and carving information from PCAP data.
• Experience designing cybersecurity systems in Linux and/or Windows environments.
• Knowledge of virtualized environments and non-traditional network traffic (C2).
• Certifications: DoD 8140.01 IAT Level II, GCIA, GCIH, or SANS GIAC GNFA.

Culture & Benefits

• Collaborative environment working alongside talented professionals passionate about cybersecurity.
• Opportunity to support critical national security missions for the DHS.
• Focus on leveraging collective expertise to drive innovation and solve complex intelligence challenges.