Company hidden
1 month ago

Cyber Network Forensic Analyst IV

Work format
onsite
Employment type
fulltime
Grade
senior
English
b2
Country
US

Job description

TL;DR

Cyber Network Forensic Analyst IV (Cybersecurity): Conducting onsite incident response investigations for civilian government agencies and critical asset owners experiencing cyber-attacks, characterizing breach severity, developing mitigation plans, and assisting with service restoration. Focus on analyzing anomalous network activity, collecting intrusion artifacts, assessing network topology, and providing real-time CND incident handling.

Arlington, VA (onsite, U.S. Citizenship and active TS/SCI clearance required)

Company

hirify.global provides full-spectrum cyber, data operations, systems integration, and intelligence mission support to intelligence community, defense, civil, and commercial markets.

What you will do

  • Coordinate teams in preliminary incident response investigations and interface with customers onsite.
  • Determine response actions to anomalous network activity and assess network topology for security concerns.
  • Write and publish CND guidance and reports on incident findings.
  • Collect network intrusion artifacts like PCAPs, domains, URIs, and certificates to enable mitigation.
  • Analyze malicious network activity to identify exploited weaknesses, methods, and effects.
  • Collect and analyze network device integrity data for tampering or compromise.
  • Support real-time CND incident handling including forensic collections, intrusion tracking, and remediation advice.

Requirements

  • U.S. Citizenship with active TS/SCI clearance and ability to obtain DHS Suitability
  • 8+ years of directly relevant experience in network investigations
  • In-depth knowledge of CND policies, TCP/IP protocols, standard protocols (ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS), WiFi networking, and network topologies (DMZs, WANs)
  • Substantial knowledge of Splunk or other SIEMs
  • Understanding of MITRE ATT&CK framework, defense-in-depth principles, and attack stages
  • Ability to analyze network traffic anomalies, reconstruct attacks, and examine topologies
  • BS in Computer Science, Cyber Security, Computer Engineering, or a related field; or HS Diploma with 10+ years of experience
  • Must be able to work collaboratively across physical locations

Nice to have

  • Substantial knowledge of network device integrity concepts
  • Proficiency with Wireshark, PCAP carving/extraction, non-traditional traffic (C2), evidence preservation
  • Proficiency designing cyber security systems in Linux/Windows and virtualized environments
  • DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst; GCIA, GCIH, CEH; SANS GIAC GNFA

Culture & Benefits

  • Collaborative environment with talented teams focused on innovation and solving complex cybersecurity problems.
  • Opportunity to support critical U.S. Government missions in cyber defense and incident response.
  • Equal Opportunity Employer committed to diversity and inclusion.
