ECS

Cyber Defense Forensics Analysts - Mid

ECS, Washington


Join to apply for the Cyber Defense Forensics Analysts - Mid role at ECS .


Job Description

ECS is seeking a Cyber Defense Forensics Analysts - Mid to work in our Washington, DC office.

Position Summary

ECS Federal is a leading information security and information technology company in Washington, DC. We are looking to hire a mid-level Cyber Defense Forensics Analyst to support a full range of cyber security services on a long-term contract in Washington, DC. The position is full-time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.

Security Clearance Requirement

  • Active Secret clearance

Job Requirements

  • Strong written and verbal communication skills.
  • Create detections and automation to detect, contain, eradicate, and recover from security threats.
  • Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques.
  • Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTPs (Tactics, Techniques, and Procedures).
  • Conduct proactive hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities.
  • Solid knowledge of TCP/IP networking and network services such as DNS, SMTP, DHCP, etc.
  • Understanding of attacker tradecraft related to email, app-based, cloud threats, and defensive tactics.
  • Good knowledge of operating system internals, OS security mitigations, and security challenges in Windows, Linux, Mac, Android & iOS platforms.
  • Experience with forensic tools (e.g., EnCase, Sleuthkit, FTK).
  • Ability to analyze malicious code (malware forensics).
  • Skill in analyzing code as malicious or benign.
  • Knowledge of system and application security threats and vulnerabilities.
  • Apply threat hunting and the MITRE ATT&CK framework to identify and develop detection capabilities.

Certifications/Licenses

  • Bachelor’s degree or higher.
  • 5+ years’ experience in cyber threat hunting and forensics support for incident response.
  • Active Secret clearance or higher.

Salary Range

$102,600 - $117,500

Responsibilities

  • Identify threat tactics and methodologies using frameworks like MITRE ATT&CK.
  • Perform hypothesis-based or intelligence-based cyber threat hunts.
  • Use cloud-native techniques for threat detection and response.
  • Research intelligence reports for actionable data.
  • Analyze large datasets to uncover attack techniques.
  • Investigate and analyze intrusion artifacts.
  • Create forensic images and maintain chain of custody.
  • Report findings and ensure evidence integrity.
  • Extract data using forensic techniques.

Desired Skills

  • Exposure to Python, PowerShell, or bash.
  • Proficiency with SIEM query languages (Splunk, Sentinel).
  • Experience producing threat intelligence reports.
  • Ability to analyze memory dumps and media forensics.

ECS is an equal opportunity employer and does not discriminate on any protected characteristic.
