Cyber Command Forensic Analyst

Location: Brooklyn, NY 11201
Duration: 2 Years
Schedule: Monday Friday, 35 hours/week (Overtime requires prior approval)

Overview

A Cyber Command Forensic Analyst is needed to support mission-critical cybersecurity operations, including incident response, forensic investigations, and emergency cyber support. The analyst will help safeguard citywide systems by identifying, analyzing, and mitigating cyber incidents while ensuring evidence integrity and supporting incident response processes.

This role requires hands-on experience with digital forensics, threat investigations, and advanced analysis across multiple operating systems and platforms.

Key Responsibilities

• Conduct forensic investigations of network intrusions and cybersecurity incidents to determine cause, impact, and scope

• Perform host-based and network-based forensic analysis across multiple operating systems

• Support critical cyber incidents as part of the Cyber Emergency Response Team

• Research and develop new forensic techniques, tools, and methodologies to enhance investigative capabilities

• Produce high-quality written reports explaining complex technical findings clearly and concisely

• Maintain forensic labs, tools, and investigative environments

• Ensure proper evidence handling, preservation, and chain-of-custody compliance

• Assist with data collection, imaging, and integrity validation

• Investigate activity across Windows, macOS, Linux/Unix, virtual systems, and cloud platforms

Mandatory Skills & Experience

Candidates lacking these requirements will not be considered.

• Minimum 4 years experience in Threat Management, Digital Forensics, or Incident Response

• Strong proficiency in performing digital forensic investigations across multiple platforms

• Deep understanding of forensic processes, methodologies, and tools

Desirable Skills & Experience

• Experience with forensic tools such as: FTK, X-Ways, AXIOM, EnCase, SIFT

• Memory analysis experience using Volatility, MemProcFS, etc.

• Linux and open-source forensic tools exposure

• Experience investigating intrusions on Windows, Linux/Unix

• Cloud forensics experience in AWS, Azure, Google Cloud Platform

• Knowledge of forensic imaging techniques and evidence handling

• Expertise in Windows, Linux/UNIX, and macOS artifacts

• Understanding of file systems and OS internals

• Experience with virtual environments

• Strong analytical and investigative skills

Ideal Candidate Profile

• 4+ years hands-on digital forensics or cyber incident response experience

• Skilled in full-scope forensic investigations (host & network)

• Experienced with a broad range of forensic and memory tools

• Strong cross-platform OS forensic artifact knowledge

• Cloud forensics background (AWS/Azure/Google Cloud Platform)

• Ability to maintain forensic labs, tools, and documentation

• Proven ability to write clear, concise investigative reports

• Strong analytical thinking and ability to reconstruct attacker activity

• Experience supporting high-severity cyber events or emergency response teams

• Thorough understanding of evidence preservation and chain-of-custody requirements

• Detail-oriented, self-sufficient, and able to operate in high-pressure cyber environments