Forensics Analyst Jobs in the United States

System One

$200000 - $225000

MD, Maryland

PREFERRED QUALIFICATIONSBachelor's degree in a technical field such as Telecommunications, Computer Science, Engineering, Mathematics, Physics, Computer Forensics, Cyber Security, IT, Information Systems, Networking and Telecommunications, or similar. RESPONSIBILITIESYou will help drive critical network exploitation efforts and enable enhanced operational awareness through the following responsibilities: Conduct active and passive reconnaissance to identify network devices, services, and protocols.

Artech LLC

CHANDLER, AZ

Proficiency in at least three of the following technologies: Splunk, XSOAR, CrowdStrike, FireEye, Google Chronicle, Azure, Twinwave, Akamai. This role is an excellent opportunity for individuals looking to take on more challenging projects or explore opportunities outside their comfort zone.

Harmonia Holdings Group, LLC

Washington, DC

Harmonia Holdings Group, LLC is an award-winning, rapidly growing federal government contractor committed to providing innovative, high-performing solutions to our government clients and focused on fostering a workplace that encourages growth, initiative, creativity, and employee satisfaction. To perform the above job successfully, an individual must possess the knowledge, skills, and abilities listed; meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily.

cFocus Software Incorporated

Rockville, MD

cFocus Software seeks a Digital Forensics Analyst to join our program supporting the Department of Health and Human Services (HHS) This position is remote. Perform forensic acquisition and analysis of endpoints, servers, cloud workloads, network traffic, logs, and removable media.

EY

$91100 - $170400

Olympia, WA

If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com . **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.

GRAMMATECH

$130000 - $160000

Arlington, Virginia

Experience with a variety of the following tools: Ida-Pro, Ollydbg, X64dbg, Scyllax64, Objdump, Readelf, Ghidra, Process Explorer, CFF Explorer, Wireshark, Fiddler, Regshot, Process Monitor, and Process Hacker. With a focus on evolving cybersecurity landscape, software hardening and intelligent systems, we tackle the most challenging software issues through a constant stream of highly innovative research and commercial development programs.

Argo Cyber Systems

Arlington, VA

Correlate cloud telemetry (Azure Activity Logs, AWS CloudTrail, GCP Logs, VPC Flow Logs) and network evidence to reconstruct attacker timelines and validate indicators of compromise (IOCs). Develop and deploy automated detection logic, threat-hunting scripts, and analytical playbooks using Microsoft Sentinel, Defender, AWS GuardDuty, and GCP Chronicle.

Argo Cyber Systems

Arlington, VA

Correlate cloud telemetry (Azure Activity Logs, AWS CloudTrail, GCP Logs, VPC Flow Logs) and network evidence to reconstruct attacker timelines and validate indicators of compromise (IOCs). Develop and deploy automated detection logic, threat-hunting scripts, and analytical playbooks using Microsoft Sentinel, Defender, AWS GuardDuty, and GCP Chronicle.

Peraton

$104000 - $166000

Chandler, Arizona

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field and 8 years of relevant experience; an additional 4 years will be considered in lieu of the degree requirement. You will support a 24x7 Security Operations Center (SOC) by conducting advanced digital forensics and malware analysis to investigate, contain, and remediate cyber incidents.

Quadrant Inc

Lancaster, PA

Using a wide variety of forensic tools, the Digital Forensic Analyst examines the hard drives of computers, storage devices, cell phones, PDAs, or any electronic device that may hold evidence that could be used in a court of law. Performs a variety of forensic and electronic discovery services, including digital evidence preservation, forensic analysis, data recovery, tape recovery, electronic mail extraction, and database examination.

Core One

Fort Meade, MD

Combine computer science with forensic skills to recover information from computers and storage devices to recover data like documents, photos, and e-mails from computer hard drives and other data storage devices that have been deleted, damaged, or otherwise manipulated. Provide support for CI and CT investigations; research, design, deploy, and lead training events; evaluate emerging forensic technologies; provide operational security assessments and support cyber forensic and cyber security tasks.

ManTech

Ashburn, VA

The ultimate purpose of this role is to provide the disciplined leadership and structural organization necessary to rapidly implement critical, high-impact security solutions that directly protect the Nation's digital borders while ensuring continuous, compliant contract delivery for 24x7x365 network, cyber, and cloud services. + Certified Information System Security Professional (CISSP) and at least one of the following: SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Certified Incident Handler (GCIH), SANS GIAC Certified Forensic Analyst (GCFA), SANS GIAC Certified Enterprise Defender (GCED), or other IAT Level III certification.

Peraton

$135000 - $216000

Linthicum, Maryland

Required Forensic Certification: One or more of the following - Digital Media Collector (DMC), *Digital Forensic Examiner (DFE), Cyber Crime Investigator (CCI), *Computer Hacking Forensic Investigator (CHFI), International Association of Computer Investigative Specialists (IACIS) certifications: Certified Computer Examiner (CCE) Certified Forensic Computer Examiner (CFCE), *GIAC Certified Forensic Examiner (GCFE), *GIAC Certified Forensic Analyst (GCFA), Certifications related to mobile device forensic tools (e.g. Cellebrite Certified Mobile Examiner (CCME), XRY, Oxygen Forensic® Certified Examiner (OFCE)), Certifications related to computer forensic tools (e.g., EnCase Certified Examiner (EnCE), X- Ways Professional in Evidence Recovery Techniques (X-PERT), Magnet Certified Forensic Examiner (MCFE)), Data recovery or advanced data acquisition related certifications.

KPMG LLP

Seattle, WA

Cross-Functional Integration & Alignment to include leading collaboration efforts with global teams and Member Firms to ensure cohesive incident response strategies, and act as a feedback loop to services and member firms with regards to lessons learned from incidents. Responsibilities: Digital Forensics & Incident Response (DFIR) Oversight & Information Handling incident oversight which includes coordination of the development and execution of information security incident response capabilities across the global network, which include Information incidents as well.

bdo consulting

$190000 - $269000

Los Angeles, CA

Documents, reviews, and analyzes schedules, contracts, change orders, correspondence, daily reports, meeting minutes, monthly reports, and any additional documents related to the project/file . The annual allocation to the ESOP is fully funded by BDO through investments in company stock and grants employees the chance to grow their wealth over time as their shares vest and grow in value with the firm’s success, with no employee contributions.

Nightwing

Sterling, VA

Nightwing provides HIRT remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. Our capabilities include cyber space operations, cyber defense and resiliency, vulnerability research, ubiquitous technical surveillance, data intelligence, lifecycle mission enablement, and software modernization.

Solutions³ LLC

Arlington, VA

Solutions³ LLC is supporting our prime contractor and their U.S. Government customer on a large mission-critical provide remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based, and cloud-based cybersecurity analysis capabilities. Required Education: BS in Computer Science, Cybersecurity, Computer Engineering or related degree; or HS Diploma and 10+ years of host or digital forensics experiencePowered by JazzHR.

H4 Enterprises

Arlington, VA

Insider Threat Information Systems Security - Senior Data Analyst will work closely with the Information Security team, data protection specialists, and incident response teams to prevent, investigate, and manage insider threats. The Insider Threat Information Systems Security - Senior Data Analyst will receive direct government oversight, assignments, and directions from the assigned Government Office/ Program Director, through an assigned team leader.

Markon

$110000 - $230000

Fort Meade, Maryland

If not credited toward education requirement, completion of military training in a relevant area such as JCAC (Joint Cyber Analysis course), Undergraduate Cyber Training (UCT), Network Warfare Bridge Course (NWBC)/Intermediate Network Warfare Training (INWT), cyber Defense Operations will be considered towards the relevant experience requirement (i.e., 20-24 weeks course will count as 6 months of experience, 10-14 weeks will count as 3 months of experience). The following may also be considered for individuals with in-depth experience that is clearly related to the position: an Associate’s degree plus 7 years of relevant experience; or at least 18 semester hours of military coursework/training in networking, computer science, or cyber topics plus 7 years of relevant experience.

Intelliswift Software Inc

Chicago, IL

Education: Bachelor's Degree or higher and 4+ years of relevant work experience in fields such as Fraud Detection, Investigations or Analytics, Financial Analysis, Cybersecurity, Criminal Justice, Digital Forensics, or a related area. High School Diploma or the equivalent and 6+ years of relevant work experience in fields such as Fraud Detection, Investigations or Analytics, Financial Analysis, Cybersecurity, Criminal Justice, Digital Forensics, or a related area.

ITrade STEM

Miami, FL

If you're passionate about blockchain technology, have a solid background in crypto investigations, excel in smart contract analysis, and enjoy mentoring others, this is your opportunity to make a difference in the rapidly evolving fields of blockchain analytics and cybersecurity. We are seeking a highly skilled professional to lead advanced blockchain investigations, analyze cryptocurrency transactions, and explore smart contract interactions.

Node.Digital

Arlington, VA

Node provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. - Collects network intrusion artifacts (e.g., PCAP, domains, URI’s, certificates, etc.) and uses discovered data to enable mitigation of potential Computer Network Defense incidents.

Carnival Global Brand

Miami, FL

Our portfolio of leading cruise brands includes Carnival Cruise Line, Holland America Line, Princess Cruises and Seabourn in North America; P&O Cruises, and Cunard Line in the United Kingdom; AIDA in Germany; Costa Cruises in Southern Europe; and P&O Cruises in Australia. Develop and implement methods for management and control of access to information resources, and provide in-depth technical assistance relating to the design and implementation of security and controls for networks, distributed systems and operating system platforms.

Artech LLC

CHANDLER, AZ

Proficiency in at least three of the following technologies: Splunk, XSOAR, CrowdStrike, FireEye, Google Chronicle, Azure, Twinwave, Akamai. This role is an excellent opportunity for individuals looking to take on more challenging projects or explore opportunities outside their comfort zone.

Oxley Enterprises®, Inc.

$93538 - $103319

null, IL

Minimum Education: Bachelors degree in computer science, cybersecurity, information technology or related field; Must have or be willing to obtain one of the following certifications: GIAC Certified Incident Handler, EC-Council's Certified Incident Handler (E|CIH), GIAC Certified Incident Handler (GCIH), Incident Handling & Response Professional (IHRP), Certified Computer Security Incident Handler (CSIH), Certified Incident Handling Engineer (CIHE), EC-Council's Certified Ethical Hacker. Oxley Enterprises®, Inc. is a certified service-disabled veteran-owned (SDVOSB), economic disadvantaged woman-owned (EDWOSB), Small Business Administration Certified 8(a), and small disadvantaged business (SDB) that has 25 years of experience building and delivering quality IT systems and programs.

Evolver Commercial

Reston, VA

Evolver Legal Services (ELS) is continuing to enhance our dynamic and experienced eDiscovery practice team with a goal of becoming an industry leader that supports commercial, legal, and federal entities as well as provides our clients maximum security and efficiency. Proficiency with data management services (e.g., loading data into database applications, conducting database search queries, developing reports for legal teams, and providing options with unique data).

GRVTY

$145000 - $175000

Honolulu, HI

In addition, it may also include engineering hardware and/or software, programming, computer/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, systems engineering, and/or network and systems administration. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis Course) may be considered towards the relevant experience requirement (i.e., 24-week JCAC course may count as 6 months of experience).

GRVTY

Fort Gordon, GA

Degree in Network Engineering, Systems Engineering, Information Technology, or related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Computer Science, Computer Forensics, Cyber Security, Software Engineering, Information Assurance, or Computer Security). In addition, it may also include engineering hardware and/or software, programming, computer/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, systems engineering, and/or network and systems administration.

GRVTY

$145000 - $175000

Fort Meade, MD

Relevant experience must be in computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, and/or systems engineering. Support a wide range of data transport possibilities, such as traditional wired networks, wireless transport (including Wi-Fi and cellular), collaborative platforms such as video teleconferencing, and the hardware and software that enable it all.

GRVTY

$130000 - $160000

Fort Meade, MD

Relevant experience must be in computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, and/or systems engineering. Pay Range: At GRVTY, we understand that compensation is influenced by many factors—such as geographic location, federal contract labor categories, wage rates, prior experience, skillsets, education, and certifications.

GRVTY

$130000 - $160000

Fort Meade, MD

In addition, it may also include engineering hardware and/or software, programming, computer/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, systems engineering, and/or network and systems administration. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis Course) may be considered towards the relevant experience requirement (i.e., 24-week JCAC course may count as 6 months of experience).

GRVTY

$230000 - $260000

Fort Meade, MD

In addition, it may also include engineering hardware and/or software, programming, computer/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, systems engineering, and/or network and systems administration. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis Course) may be considered towards the relevant experience requirement (i.e., 24-week JCAC course may count as 6 months of experience).

Vexterra Group

Bethesda, MD

Ability to design, implement and document computer forensics services to include evidence seizure, computer forensic analysis and data recovery. Working experience conducting intelligence analysis and writing finished intelligence reporting with high quality and with minimal revision.

Contact Discovery Services LLC

Philadelphia, PA

Experience preserving desktops, laptops, mobile devices/tablets, servers, both cloud and on-premise email implementations, nontraditional cloud data sources, social media, etc. in a forensically sound manner. 6+ years of relevant experience in where the analyst understands the forensic lifecycle and can properly perform scoping activities, evidence acquisitions on a range of devices, and execute forensic analysis at an expert level.

Contact Discovery Services LLC

Washington, DC

3+ years of relevant experience in where the analyst understands the forensic lifecycle and can properly perform scoping activities, evidence acquisitions on a range of devices, and execute forensic analysis at an intermediate level. Experience preserving desktops, laptops, mobile devices/tablets, servers, both cloud and on-premise email implementations, nontraditional cloud data sources, social media, etc. in a forensically sound manner.

GRVTY

$230000 - $260000

Fort Meade, MD

Relevant experience must be in computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, and/or systems engineering. Pay Range: At GRVTY, we understand that compensation is influenced by many factors—such as geographic location, federal contract labor categories, wage rates, prior experience, skillsets, education, and certifications.

GRVTY

$75000 - $105000

Fort Meade, MD

In addition, it may also include engineering hardware and/or software, programming, computer/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, systems engineering, and/or network and systems administration. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis Course) may be considered towards the relevant experience requirement (i.e., 24-week JCAC course may count as 6 months of experience).

Acclaim Technical Services

McLean, VA, VA

Expected to drive intelligence gathering efforts across multiple sources to support cybersecurity operations, including identifying opportunities to improve access to critical networks - This may involve partnering with other teams to develop and execute specialized intelligence campaigns. Have a basic understanding of computer networks and be able to develop and maintain expertise in a specific domain, driving the production of intelligence insights, informing operational decisions, and identifying opportunities from strategic initiatives.

Acclaim Technical Services

Annapolis Junction, MD

Analyze SIGINT and cybersecurity data at multiple levels up and down the OSI network stack and bring a solid understanding of logical/physical IP core infrastructure, communication devices and how they connect to networks, and the traffic movements in a network. Pay Range: There are many factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications.

Acclaim Technical Services

Annapolis Junction, MD

Analyze SIGINT and cybersecurity data at multiple levels up and down the OSI network stack and bring a solid understanding of logical/physical IP core infrastructure, communication devices and how they connect to networks, and the traffic movements in a network. Pay Range: There are many factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications.

GRVTY

$230000 - $260000

Fort Meade, MD

Degree in Network Engineering, Systems Engineering, Information Technology, or related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Computer Science, Computer Forensics, Cyber Security, Software Engineering, Information Assurance, or Computer Security). In addition, it may also include engineering hardware and/or software, programming, computer/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, systems engineering, and/or network and systems administration.

Expression

$100000 - $120000

Washington, DC

Founded in 1997 and headquartered in Washington, DC, Expression provides data fusion, data analytics, AI/ML, software engineering, information technology, and electromagnetic spectrum management solutions to the U.S. Department of Defense, Department of State, and national security community. In this role, you will provide cyber threat monitoring, analysis, and incident response support that strengthens program situational awareness and ensures resilience of critical federal networks.

St. John's University

Queens, NY

In addition to overseeing the implementation of various security measures and tools, the Analyst plays a key role in protecting user credentials, access privileges, and authentication systems, which includes supporting the Identity & Access Management (IAM) platform to ensure proper user provisioning, access governance, and role-based access control (RBAC) across systems. The Princeton Review and other top rankings consistently recognize the University’s outstanding academics, diverse student body, dynamic internship, and volunteer opportunities, focus on student life, and diverse study abroad offerings.

FHR

Dover, DE

Security Monitoring: Continuously monitor network traffic, system logs, and other security tools to detect unusual or suspicious activities that could indicate an incident or vulnerability. Log Analysis: Examine logs from a range of sources including firewalls, intrusion detection systems, antivirus software, and system endpoints to identify irregularities that may signal a threat.

Peraton

$104000 - $166000

Arlington, Virginia

Conduct digital forensic analysis of various mobile devices, computer systems, and storage media including cloud data, performing digital forensic analysis across various types of cases involving both mobile and non-mobile devices. Experience conducting forensic examinations on mobile and non-mobile digital evidence through the application of recognized scientific practices for the identification, analysis, interpretation, and presentation of digital evidence for criminal, civil, and administrative purposes.

Weeghman & Briggs LLC

$110000 - $264000

Fort Meade, MD

analyze SIGINT and cybersecurity data at multiple levels up and down the OSI network stack and bring a solid understanding of logical/physical IP core infrastructure, communication devices and how they connect to networks, and the traffic movements in a network. Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications.

TPI Global (formerly Tech Providers, Inc.)

New Hyde Park, NY

This role focuses exclusively on developing and maintaining DLP policies, tuning DLP systems for optimal performance, and continuously monitoring DLP activities to prevent and detect unauthorized data access or transfer. •Lead the expansion and continuous improvement of Data Loss Prevention (DLP) initiatives across the organization, including international operations, ensuring robust policy enforcement and alignment with regulatory requirements.

TPI Global (formerly Tech Providers, Inc.)

Usually remote, IL

Conduct real-time and historical analysis using the full security suite owned by CNA including Endpoint Protection, SIEM, Firewall, Endpoint Detection & Response, Intrusion Detection Systems, Email Gateway, Web Content Filtering, Network Detection & Response, & Identity Management technology. Typically, a minimum of five years of technical experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination.

Weeghman & Briggs LLC

$109000 - $264000

Fort Meade, MD

If not credited toward education requirements, completion of military training in a relevant area such as JCAC (Joint Cyber Analysis Course), Undergraduate Cyber Training (UCT), Network Warfare Bridge Course (NWBC)/Intermediate Network Warfare Training (INWT), Cyber Defense Operations will be considered towards relevant experience requirement (i.e., 20- to 24-week courses will count as 6 months of experience; 10-14 weeks will count as 3 months of experience). Education: Degree in Network Engineering, Systems Engineering, Information Technology, or related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Computer Science, Computer Forensics, Cyber Security, Software Engineering, Information Assurance, or Computer Security).

Weeghman & Briggs LLC

Fort Meade, MD

Qualifications: Education: Degree in Network Engineering, Systems Engineering, Information Technology, or related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Computer Science, Computer Forensics, Cyber Security, Software Engineering, Information Assurance, or Computer Security). Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications.