Cyber Command Forensic Analyst

Cyber Command Forensic Analyst

Note: Zoom Call is mandatory with PV please provide Candidates availability for 15 mins call

HYBRID: Brooklyn NY 112381

Assignment Title: Cyber Command Forensic Analyst
Work Arrangement: Hybrid (3 days on-site / 2 days remote)
Work Location: 11 MetroTech Center Brooklyn NY 11201

The Cyber Command Forensic Analyst will lead and support digital forensic investigations related to cybersecurity incidents network intrusions and other unauthorized activities. The analyst will determine the cause scope and operational impact of cyber events while ensuring all evidence is collected preserved and analyzed according to industry standards and legal requirements. This role also supports the enhancement of forensic methodologies maintains critical analysis tools and labs and provides hands-on assistance to the Cyber Emergency Response Team during major incidents.

• Conduct detailed investigations of network intrusions and cybersecurity incidents to determine origin method of attack timeline and impact.
• Perform comprehensive host-based and network-based forensic analysis across diverse systems and platforms.
• Research develop and refine forensic techniques tools and procedures to continuously improve investigative capabilities.
• Produce clear accurate and concise written reports outlining complex technical findings for various stakeholders.
• Maintain and administer forensic laboratories toolsets imaging hardware storage systems and software used for digital investigations.
• Ensure evidence is acquired preserved and stored in compliance with chain-of-custody standards and forensic best practices.
• Assist the Cyber Emergency Response Team (CERT) during critical incidents and high-priority response scenarios.

(Applicants without these qualifications will not be considered.)

• Minimum 8 years of experience in Threat Management Digital Forensics or Incident Response environments.
• Demonstrated ability to perform digital forensic investigations across multiple operating systems and platforms.
• Strong understanding of forensic processes investigative methodologies and industry-standard analysis tools.

• Hands-on experience with tools such as FTK X-Ways SIFT AXIOM EnCase and similar forensic suites.
• Experience using memory analysis tools (e.g. Volatility MemProcFS).
• Strong working knowledge of Linux and open-source analysis tools.
• Experience analyzing intrusions and system artifacts across Windows Linux/UNIX and macOS environments.
• Experience performing forensic collections in cloud environments (AWS Azure GCP).
• Knowledge of virtual environments forensic imaging techniques and file system structures.
• Deep understanding of OS artifacts logs registry data and system traces.
• Strong analytical and problem-solving skills with the ability to correlate evidence across multiple data sources.