Company hidden
3 days ago

Cyber Network Defense Analyst II

Work format: remote (USA only)
Employment type: fulltime
Grade: junior
English: b2
Country: US

Job description

TL;DR

Cyber Network Defense Analyst II (Cybersecurity): Supporting DHS HIRT investigations by correlating forensic findings to network events, performing forensic triage, and analyzing network/host alerts to develop intrusion narratives. Focus on continual monitoring, event correlation across enterprise sources, and producing forensically sound evidence and investigative reports for incident detection, identification, and resolution.

Location: Sterling, VA

Company

hirify.global provides full-spectrum cyber, data operations, systems integration, and intelligence mission support services.

What you will do

  • Correlate forensic findings with network events to develop intrusion narratives.
  • Perform forensic triage (scope, urgency, potential impact) and track analysis from initial participation through resolution.
  • Analyze forensic images and evidence to produce investigative write-ups and reports.
  • Characterize and analyze network traffic to identify anomalous activity and potential threats; perform event correlation for situational awareness.
  • Monitor and analyze network/host alerts, distinguish malicious/anomalous activity from benign activity, and document/escalate incidents.
  • Assist in constructing signatures for cyber defense tools and publish CND guidance and reports.

Requirements

  • U.S. Citizenship
  • Active TS/SCI clearance and ability to obtain DHS Entry on Duty (EOD) Suitability
  • 2+ years of direct relevant experience in cyber defense analysis using industry-standard tools
  • Ability to create forensically sound evidence duplicates (forensic images) and author cyber investigative reports
  • Proficiency with common operating systems (Linux/Unix, Windows) and incident handling methodologies
  • Able to work collaboratively across physical locations

Nice to have

  • Experience with EDR tools (e.g., CrowdStrike, SentinelOne, Cortex, Microsoft MDE, Trellix)
  • Experience with host forensics tools (e.g., EnCase, FTK, X-Ways, Sleuth Kit/Autopsy), SIFT, Volatility, KAPE, Wireshark, Splunk, Elastic
  • All-source research experience

Culture & Benefits

  • Collaboration-focused environment supporting mission-critical DHS cyber incident response.
  • Opportunity to work alongside technically skilled specialists on complex investigations.
  • Engagement in proactive hunting and continual monitoring activities.

Hiring process

  • Review of clearance/eligibility requirements (TS/SCI, U.S. citizenship, DHS EOD suitability).
  • Interviews to assess incident response/forensics and threat hunting experience.
