Bachelor's degree in Cybersecurity, Digital Forensics, Computer Science, or related field.
7+ years of experience in digital forensics, incident response, or cybersecurity analysis.
Experience with forensic tools (e.g., EnCase, FTK, Autopsy, Volatility, Splunk).
Knowledge of evidence handling, chain of custody, and legal considerations.
Requirements:
Conduct digital forensic investigations across cloud, endpoint, and network environments; collect, preserve, and analyze digital evidence in accordance with federal and legal standards.
Support incident response activities, including triage, root cause analysis, and post-incident reporting; analyze security logs, telemetry, and datasets to identify indicators of compromise (IOCs) and attack patterns.
Maintain chain of custody and forensic integrity of all collected evidence; develop forensic reports and documentation suitable for legal, audit, and executive audiences.
Collaborate with SOC analysts, engineers, and threat intelligence teams to enhance detection and response capabilities; support threat hunting by analyzing historical and real-time data for anomalous behavior.
Job description
cFocus Software seeks a Forensics / Data Specialist to join our program supporting Housing and Urban Development (HUD). This position is remote. This position requires a Public Trust clearance. Qualifications:
Bachelor’s degree in Cybersecurity, Digital Forensics, Computer Science, or related field.
7+ years of experience in digital forensics, incident response, or cybersecurity analysis.
Experience with forensic tools (e.g., EnCase, FTK, Autopsy, Volatility, Splunk).
Knowledge of evidence handling, chain of custody, and legal considerations.
Duties:
Conduct digital forensic investigations across cloud, endpoint, and network environments.
Collect, preserve, and analyze digital evidence in accordance with federal and legal standards.
Support incident response activities, including triage, root cause analysis, and post-incident reporting.
Analyze security logs, telemetry, and datasets to identify indicators of compromise (IOCs) and attack patterns.
Perform malware analysis, file system analysis, and memory forensics.
Support breach investigations, eDiscovery, FOIA, and audit-related forensic requests.
Maintain chain of custody and forensic integrity of all collected evidence.
Develop forensic reports and documentation suitable for legal, audit, and executive audiences.
Collaborate with SOC analysts, engineers, and threat intelligence teams to enhance detection and response capabilities.
Support threat hunting by analyzing historical and real-time data for anomalous behavior.
Leverage SIEM and forensic tools to correlate events and reconstruct attack timelines.
Ensure compliance with NIST, FISMA, and federal cybersecurity standards.
Contribute to development of forensic processes, playbooks, and standard operating procedures (SOPs).
Support continuous monitoring by identifying trends and improving forensic readiness.
Provide recommendations for improving logging, data retention, and evidence collection capabilities.
