Cyber Defense Forensics Analyst

We are seeking a Mid-Level Cyber Defense Analyst to support incident response and threat analysis operations for federal government systems. This position is located in Washington, DC and requires a Top Secret clearance.

Position Description:
The Cyber Defense Analyst will coordinate incident response activities and provide technical analysis of security events across the enterprise. Key responsibilities include:

• Perform incident response coordination and triage
• Analyze security logs and threat indicators
• Conduct forensic collection and analysis
• Monitor and investigate security alerts
• Coordinate with intelligence teams
• Track and document security incidents
• Implement defense-in-depth strategies
• Analyze malware and intrusion artifacts
• Monitor external threat sources
• Provide technical support to security teams
• Develop incident response documentation
• Maintain security metrics and reporting

Required Education and Experience:

• 4+ years of experience in cyber defense and incident response
• Active Top Secret clearance
• Experience with security tools and technologies
• Background in incident handling and response

Required Skills and Competencies:

• Strong knowledge of incident response procedures
• Experience with log analysis and correlation
• Proficiency in security monitoring tools
• Knowledge of forensic collection methods
• Understanding of malware analysis
• Experience with IDS/IPS systems
• Strong analytical and problem-solving skills
• Ability to perform trend analysis
• Knowledge of defense-in-depth principles
• Experience with security documentation
• Strong communication abilities
• Expertise in threat analysis

Desired Skills and Competencies:

• Bachelor's degree in related field
• Security certifications (e.g. Security+, GCIH, CEH, GCTI, GREM, GCFA)
• Experience with SIEM platforms (e.g. Splunk)
• Knowledge of threat intelligence
• Expertise in network security

• Experience with forensic tools (e.g., Forensic Tool Kit [FTK], Foremost, EnCase)

• Background in vulnerability management
• Understanding of APT tactics
• Experience with enterprise security tools (e.g. Tenable Nessus, WebInspect, Splunk, and BigFix)
• Knowledge of federal security requirements
• Programming/scripting capabilities

This position requires flexibility to support 24/7 incident response operations and may include on-call responsibilities.