Digital Forensics and Incident Response Analyst Mid-Level

Cayuse Holdings

$90K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Cybersecurity, IT, or a related field (or equivalent experience).
  • At least 3 years of experience in digital forensics or incident response in large enterprise environments.
  • Active Top-Secret Clearance with SCI Eligibility.
  • Experience with Incident Response tools like Splunk and Microsoft Defender for Endpoint.
  • Familiarity with forensic tools such as Magnet Axiom and Cellebrite.

Responsibilities

  • Provide real-time analysis of escalated security events during incidents.
  • Analyze data from endpoints and servers to identify and mitigate suspicious activity.
  • Engage in proactive Threat Hunting to detect and address potential threats.
  • Conduct predictive analyses to enhance cybersecurity measures.
  • Write scripts for task automation and create technical summaries of findings.

Benefits

  • Medical, Dental, and Vision Insurance; Wellness Program
  • 401(k) Retirement Savings Plan with matching after one year
  • Short-Term and Long-Term Disability options
  • Flexible Spending Accounts for healthcare and commuter expenses
  • Paid Time Off
Full Job Description
Overview

The Work:

The Digital Forensics and Incident Response Mid-Level specialist is instrumental in our client's rigorous cybersecurity tasks that support and complement the senior-level roles. Leveraging specialized training and experience in Digital Forensics, Incident Response, Threat Hunting, and Malware Analysis, this position will engage directly in safeguarding sensitive networks and information systems.

Responsibilities

Key Tasks:
  • Provide real-time analysis of escalated security events to support response efforts.
  • Analyze data from endpoints, EDR systems, firewalls, and servers to identify, contain, and remediate suspicious activity.
  • Analyze malicious scripts and code to mitigate potential threats.
  • Engage in Threat Hunting operations to proactively identify and mitigate threats.
  • Conduct predictive or reactive analyses on security measures to support cyber security initiatives.
  • Create system images or capture network settings from information technology environments to preserve as evidence.
  • Forensically duplicate digital evidence to use for data recovery and analysis procedures.
  • Perform web service network traffic analysis or waveform analysis to detect anomalies, such as unusual events or trends.
  • Contribute to the analysis of cyber threat intelligence and apply findings to bolster defensive and responsive actions.
  • Post-incident analysis, assisting in identifying root causes, mining lessons learned, and reinforcing security measures.
  • Contribute to training and skill development opportunities for self and other team members.
  • Develop or refine policies and requirements for data collection, processing, and reporting.
  • Recommend cyber defense software or hardware to support responses to cyber incidents.
  • Adhere to legal policies and procedures related to handling digital media.
  • Stay current on emerging threats, attack techniques, and vulnerabilities.
  • Write and execute scripts to automate tasks, such as parsing large data files.
  • Write cyber defense recommendations, reports, or white papers using research or experience.
  • Write accurate technical summaries to report findings and recommendations.
  • Other duties as assigned.


Qualifications

Qualifications - Here's What You Need:
  • Bachelor's degree (or equivalent experience) in Cybersecurity, Information Technology, or a related field.
  • Minimum of 3 years of relevant experience in direct digital forensics or incident response within large enterprise federal government or corporate environments.
  • Active Top-Secret Clearance with SCI Eligibility.
  • Must be able to pass a background check and CI Polygraph. May require additional background checks as required by projects and/or clients at any time during employment.
  • Skilled in the use of Incident Response tools such as Splunk Enterprise Security and Microsoft Defender for Endpoint, for conducting sophisticated cyber incident monitoring and analysis.
  • Well-versed in employing forensic tools and suites such as Magnet Axiom, Exterro FTK, Cellebrite Physical Analyzer, Kape, and Open-Source tools to support investigative processes.
  • Adept at conducting open-source research to identify and understand active or potential threats.
  • Highly regarded certifications for this position include, but are not limited to:
    • GIAC Continuous Monitoring Certification (GMON)
    • GIAC Certified Incident Handler (GCIH)
    • GIAC Certified Forensic Analyst (GCFA)
    • GIAC Certified Intrusion Analyst (GCIA
    • GIAC Network Forensic Analyst (GNFA)
    • GIAC Cloud Threat Detection (GCTD)
    • GIAC Cloud Forensics Responder (GCFR)
    • GIAC Advanced Smartphone Forensics Certification (GASF)
    • GIAC Mobile Device Security Analyst (GMOB)
  • Must possess problem-solving skills.
  • Exceptional communication skills, both oral and written.
  • Must be able to work effectively in a high-stress environment during critical incidents and be adaptable to a dynamic operational speed.
  • Ability to respond to customers effectively and with a sense of urgency.
  • Proficient in Microsoft and Adobe toolsets, including Excel, Word, PowerPoint, Acrobat, etc.
  • Highly motivated with the ability to handle and manage multiple tasks at any one time
  • Ability to forge new relationships with both individuals and teams.
  • Must be a self-starter, that can work independently and as part of a team.

Desired Qualifications:
  • Relevant cybersecurity certifications such as GIAC.
  • Solid foundation in the principles and practices of digital forensics methodologies and incident handling.
  • Familiarity with cybersecurity frameworks, standards, and best practices.
  • Experience with malware analysis and reverse engineering.
  • Scripting, coding, and query language experience (PowerShell, Python, Microsoft KQL, Splunk SPL, etc)
  • Experience conducting Incident Response in AWS Cloud environments.

Our Commitment to you / overview of benefits:
  • Medical, Dental and Vision Insurance; Wellness Program
  • Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)
  • Short-Term and Long-Term Disability options
  • Basic Life and AD&D Insurance (Company Provided)
  • Voluntary Life and AD&D options
  • 401(k) Retirement Savings Plan with matching after one year
  • Paid Time Off

Reports to: Lead Senior Digital Forensic Incident Response Analyst

Working Conditions:
  • Professional office environment.
  • Ability to work on-site at our client's facility.
  • Must be physically and mentally able to perform duties for extended periods of time.
  • Able to work from 8:00am to 5:00pm Central Standard time.
  • The role requires 24/7 coverage, including nights, weekends, and holidays. This is accomplished through the forwarding of calls during on-call rotation between team members as assigned to provide continual coverage. On-call coverage assignments will be coordinated with program leadership.
  • Must be able to work effectively in a high-stress environment during critical incidents and be adaptable to a dynamic operational tempo.
  • Ability to use a computer and other office productivity tools with sufficient speed to meet the demands of this position.
  • Must be able to establish a productive and professional workspace.
  • Must be able to sit for long periods of time looking at computer screens.
  • May be asked to work a flexible schedule which may include holidays.
  • May be asked to travel for business or professional development purposes.
  • May be asked to work hours outside of normal business hours.

Other Duties: Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Pay Range

USD $90,000.00 - USD $130,000.00 /Yr.

Similar Jobs

More Jobs at Cayuse Holdings

  • Business Analyst III
    $108K — $153K *
    Cedar Park, TX 78613 (Williamson County)
    Education, Government & Non-Profit
    In-Person
  • Business Intelligence Analyst
    $93K — $133K *
    Cedar Park, TX 78613 (Williamson County)
    Business Services
    In-Person
  • Senior Staff Assistant
    $120K — $130K *
    Washington, DC 20011 (District Of Columbia County)
    Business Services
    In-Person
  • Religious Freedom Analyst
    $100K — $135K *
    Washington, DC 20011 (District Of Columbia County)
    Education, Government & Non-Profit
    In-Person
  • SharePoint Migration Specialist
    $130K — $137K *
    Washington, DC 20011 (District Of Columbia County)
    Information Technology
    In-Person

More Information Technology Jobs

Find similar Digital Forensics and Incident Response Analyst Mid-Level jobs: