Job Description ECS is seeking a
Cyber Forensics Analyst to work in our
Portland, OR office.
Please Note: This position is contingent upon contract award. The Forensics Analyst Mid performs hands-on forensic analysis and malware investigation activities in support of SOC security investigations, incident response, routine memory checks, and advanced threat hunting. This role uses industry-standard forensic tools and strong investigative skills to collect, analyze, and document technical evidence.
The ideal candidate has solid cybersecurity experience, strong written communication skills, and the ability to operate resourcefully and independently while coordinating with SOC teams, data centers, and senior forensic personnel during investigations.
Key Responsibilities Digital Forensics and Investigation - Perform forensic analysis using industry-standard forensic tools and open-source DFIR utilities.
- Assist with forensic investigations involving endpoints, servers, malware, and cyber incidents.
- Analyze Windows Registry, Windows System Calls, Linux artifacts, file system data, logs, and memory artifacts.
- Create findings and technical notes that support investigative conclusions and remediation actions.
Malware Analysis and IOC Development - Analyze malware in a lab environment using standard malware analysis techniques.
- Create IOCs based on forensic and malware findings for sharing with SOC and security teams.
- Support Java code de-obfuscation and technical analysis activities within the analyst skill level.
- Escalate complex malware or reverse-engineering requirements to senior analysts or the FMAT Lead.
SOC and Incident Response Support - Assist the SOC with security investigations and incident response activities.
- Conduct routine memory checks on Linux and Windows servers as directed.
- Support proactive malware analysis, incident response, and advanced threat hunting activities.
- Communicate with different teams and data centers during investigations.
Reporting and Collaboration - Create clear investigation reports, forensic summaries, and supporting documentation.
- Communicate findings effectively to SOC analysts, incident responders, data center teams, and leadership.
- Apply strong investigative, research, and problem-solving skills to ambiguous technical issues.
- Contribute to repeatable forensic procedures, knowledge sharing, and continuous process improvement.
Required Skills - 5 to 8 years of experience in cybersecurity, digital forensics, incident response, or related cyber investigation work.
- Experience performing forensic analysis using industry-standard forensic tools and open-source tools.
- Familiarity with Windows Registry, Windows System Calls, Linux operating systems, and Java code de-obfuscation.
- Hands-on experience with Volatility or other memory forensics tools, FTK, and Wireshark.
- Ability to create IOCs based on forensic analysis and share them with other security teams.
- Ability to analyze malware in a lab environment using standard malware analysis techniques.
- Experience performing or supporting forensic investigations and incident response activities.
- Excellent written communication, resourcefulness, investigative ability, research skills, and problem-solving skills.
Desired Skills - Experience with EnCase (OpenText), Autopsy, Axiom, Zimmerman tools, and other DFIR tools.
- Experience supporting a U.S. Government civilian agency, enterprise SOC, or regulated environment.
- Experience with OllyDbg, IdaPro , or comparable reverse-engineering tools.
- Knowledge of X86 Intel Assembly Language.
Tools and Technologies - Volatility or equivalent memory forensics tools
Preferred Certifications Key Competencies - Hands-on forensic analysis
- Malware triage and IOC creation
- Research and technical problem solving
- Clear reporting and cross-team communication
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
Everforth ECS is the federal segment of
Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
Meet the challenge. Make a difference with Everforth ECS! 
Never miss an opportunity! Create an alert based on the job you applied for.
