Digital Forensic

Responsibilities:

• Serve as Tier 3 escalation point for SOC analysts
• Conduct cybersecurity incident investigations and forensic analysis
• Perform root cause and impact analysis; develop technical reports
• Utilize forensics tools (FTK 4 , EnCase, AXIOM, etc.) for compromised systems
• Support malware analysis and reverse engineering of attacker tools 7 years
• Develop and fine-tune SIEM rules (Splunk preferred)
• Mentor/train SOC staff on event analysis and SIEM tools
• Monitor, detect, and correlate network threats
• Analyze network traffic and PCAP data (Wireshark, Network Miner, etc.) 6 yrears
• Engage in proactive threat hunting and intelligence gathering
• Communicate findings effectively with stakeholders and agency customers
• Develop and refine incident response processes and standards
• Participate in on-call rotation (after-hours/weekend support may be required)

Qualifications:

Education & Experience:

• Bachelor s in Computer Science, Info Systems, Engineering, or related field with 4+ years of relevant experience
• OR Associate degree with cyber certifications and 5+ years of experience

Required Skills & Certifications:

• Proficiency with SIEM tools Splunk Enterprise Security preferred 7 yeats
• Experience with forensic imaging and analysis tools (FTK, EnCase, Sleuthkit, etc.)
• Network traffic analysis tools (Wireshark, TCPDump, etc.)
• Memory forensics tools (Volatility, SANS SIFT, Magnet RAM Capture) 4 yrats
• Experience with EDR solutions (e.g., Tanium, McAfee) 6 years
• Strong understanding of incident response frameworks and TTPs

Preferred Skills (Not Required):

• Malware analysis: static/dynamic techniques (IDA Pro, Ghidra, REMux, etc.)
• Experience with anti-forensics, obfuscation, and packing methods
• YARA rule creation and use
• Programming/scripting skills: Python, Perl, C/C++, Go
• Highly Desired Certifications:
• CFCE, CHFI, GCFE, CCE, CEH, GREM, CREA

You ll have (Qualification & Experience):

Bachelor's Degree in related field is required