cFocus Software Incorporated

AOUSC - Forensic and Malware Lead

$100K — $130K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Active Public Trust clearance
  • B.S. in Computer Science, Information Technology, or related field
  • 5 years in Incident Response (IR) in a large SOC, with 3 years in digital forensics
  • 3 years of experience in disk, memory, and registry analysis using tools like EnCase and FTK
  • In-depth knowledge of file systems and OS artifacts (e.g., SRUM, Shellbags)
  • Familiarity with federal evidence guidelines
  • Relevant certifications such as GCFA, GREM, CFCE, or OSED

Responsibilities

  • Lead digital forensics and malware analysis for AOUSC Security Operations Division
  • Provide expertise for investigations in various environments including Windows, Linux, and cloud
  • Perform malware analysis to identify IOCs and TTPs
  • Analyze forensic data and telemetry to uncover malicious activities
  • Coordinate with teams for incident response and containment
  • Conduct live forensic analysis with tools such as Splunk and Microsoft Sentinel
  • Preserve digital evidence following chain-of-custody procedures
  • Develop forensic and malware analysis reports according to SOC SOPs
  • Support investigations of APTs, ransomware, and phishing threats
  • Extract hidden data using forensic recovery techniques
  • Review forensic deliverables for accuracy and compliance
  • Participate in cybersecurity reporting and continuous improvement initiatives

Benefits

  • Hybrid work environment with onsite presence in Washington, DC
  • Opportunity to work in a critical federal government role
  • Engagement with advanced cybersecurity technologies and tools
  • Collaborative work within a specialized government operations team
  • Potential impact on national cybersecurity through support of judicial operations
  • Continuous learning and professional development in digital forensics

Full Job Description

cFocus Software seeks a Forensic and Malware Lead to join our program supporting the Administrative Office of the United States Courts (AOUSC). This is a hybrid position, with the onsite location in Washington, DC. This position requires a Public Trust clearance.

Qualifications:
  • Active Public Trust clearance
  • B.S. in Computer Science, Information Technology, or a related field
  • Five (5) years within IR in a large SOC (over 5,000 endpoints) with at least 3 years focused on digital forensics for Operating System or file systems.
  • Three (3) years of demonstrated expertise in disk, memory and registry analysis using industry standard tools such as EnCase, FTK, X-Ways, Volatility.
  • Demonstrated understanding of file systems and operating system artifacts, including but not limited to SRUM, Shellbags, and Prefetch.
  • Familiarity with federal evidence guidelines and chain of custody requirements.
  • This role aligns with NICE work role PD-WRL-002 (Digital Forensics).
  • Active GCFA, GREM, CFCE, or OSED certification

Duties:
  • Lead digital forensics and malware analysis activities in support of AOUSC Security Operations Division (SOD) operations.
  • Provide advanced subject matter expertise for forensic investigations involving Windows, Linux, macOS, cloud, and enterprise environments.
  • Perform static and dynamic malware analysis to identify indicators of compromise (IOCs), attacker tactics, techniques, and procedures (TTPs), and root cause.
  • Analyze forensic artifacts, memory images, endpoint telemetry, SIEM data, and filesystem timelines to identify malicious activity and intrusion vectors.
  • Coordinate with Cybersecurity Triage and Incident Response teams to support investigation, escalation, containment, remediation, and recovery activities.
  • Conduct live forensic analysis utilizing Splunk Enterprise Security, Microsoft Sentinel, EDR tools, and AO-provided investigative tooling.
  • Collect, preserve, duplicate, and maintain digital evidence in accordance with forensic evidence handling and chain-of-custody procedures.
  • Develop forensic reports, malware analysis reports, incident artifacts, and technical documentation in accordance with Judiciary SOC Forensics SOPs and JSOCIRP requirements.
  • Provide real-time investigative support for Priority 1 and Priority 2 cybersecurity incidents.
  • Support analysis of advanced persistent threats (APT), ransomware, phishing campaigns, malicious scripts, and suspicious binaries.
  • Perform memory analysis using approved forensic tools such as Volatility and other Judiciary-approved forensic platforms.
  • Extract deleted or hidden data using forensic data carving and recovery techniques.
  • Conduct analysis of endpoint, network, identity, and cloud telemetry to support incident investigations and threat hunting operations.
  • Coordinate escalation and communication of investigative findings to AO leadership, incident responders, SOC management, and federal staff.
  • Review and validate forensic and malware analysis deliverables to ensure technical accuracy, completeness, and compliance with SLA requirements.
  • Develop and maintain forensic analysis procedures, malware analysis SOPs, investigative work instructions, and operational playbooks.
  • Support enterprise security awareness reporting by contributing forensic findings, threat trends, and investigative recommendations.
  • Participate in weekly technical meetings, operational briefings, and cybersecurity reporting activities.
  • Support continuous process improvement initiatives related to digital forensics, malware analysis, investigative workflows, and incident response operations.
  • Assist in transition-in and transition-out activities including knowledge transfer, operational readiness, training, and documentation support.

About cFocus Software Incorporated

Established in 2006, cFocus Software has provided IT services to Federal Government agencies for over 10 years. And they’re just getting started! Follow along as they continue to innovate and serve their federal government customers.

cFocus Software Incorporated Careers

Joining cFocus Software Incorporated presents an unparalleled opportunity to become part of a leading team of professionals dedicated to pioneering innovations in the technology sector. As a company renowned for its commitment to excellence and growth, cFocus Software Incorporated offers a range of job opportunities designed to empower career advancement and professional development.

Explore Career Opportunities

cFocus Software Incorporated is actively hiring and offers a variety of positions that cater to a range of skills and experiences. Whether you're looking for an entry-level role or a senior leadership position, cFocus Software Incorporated provides a platform to enhance your career. Explore open positions that align with your professional interests and expertise.

Innovative Work Environment

cFocus Software Incorporated is committed to innovation and leadership in the technology industry. The company encourages a culture of creativity and problem-solving, where each team member’s contribution is valued. Professionals at cFocus Software Incorporated work on cutting-edge projects that push the boundaries of technology and have a lasting impact on clients and communities.

Professional Growth and Development

cFocus Software Incorporated believes in nurturing the growth of its employees through comprehensive professional development and diversity training programs. These initiatives ensure that every team member has the tools and knowledge necessary to succeed. Employees are encouraged to take on challenging projects that foster personal and professional growth.

Internship Programs

For those starting their careers, cFocus Software Incorporated offers internship programs that provide a robust foundation in technology and business practices. Interns gain hands-on experience, working alongside seasoned professionals and participating in projects that offer real-world applications and outcomes.

Benefits and Culture

cFocus Software Incorporated is dedicated to supporting its employees with a competitive array of benefits. The company prioritizes work-life balance, health, and well-being, ensuring that the team can perform at its best. cFocus Software Incorporated's inclusive culture promotes diversity and equal opportunity, making it a great place to work for individuals from all backgrounds.

Networking and Leadership Opportunities

Employees at cFocus Software Incorporated have numerous opportunities to engage in networking and leadership activities. These opportunities allow for career advancement and the development of new skills through interaction with industry leaders and peers.

Applying for a Position

To apply for a position at cFocus Software Incorporated, candidates should prepare their resume to highlight relevant experience and skills. The interview process is designed to assess fit both for the role and the company culture. cFocus Software Incorporated seeks passionate, curious, and innovative team players who are ready to drive change.

Stay Connected with cFocus Software Incorporated Careers

Keep up to date with the latest from cFocus Software Incorporated by following the careers blog. Gain insights from industry leaders and get tips on everything from crafting your resume to acing your next interview.

Join the cFocus Software Incorporated Team

Search for job opportunities and find the position that matches your skills and passions. With cFocus Software Incorporated, embark on a rewarding career path filled with excellent benefits, a supportive culture, and endless opportunities for growth.

Size: 11 employees