Cyber Digital Forensics Analyst

Description:
On-site in Orange County, CA

Our client seeks a Cyber Digital Forensics Analyst to support a 24x7x365 Security Operations Center. The analyst will conduct digital media forensics, contribute to incident response, maintain and enhance the SOC forensics program, and produce clear technical reporting. The role includes shift rotations, weekend coverage, and some holidays. The initial period of performance is roughly six months with training on a day shift. Candidates must meet background clearance requirements and hold a relevant forensics certification.

This is a contract to hire opportunity. Applicants must be willing and able to work on a w2 basis and convert to FTE following contract duration. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $29.00 to $34.00/hr. w2

Responsibilities:

• Serve as the primary liaison for forensic analysis of digital media to identify, reverse engineer, and de-obfuscate content related to security incidents.
• Maintain and enhance the SOC Digital Forensics Program, including process improvements and team upskilling via drafted technical reports.
• Support SOC operations for security incidents across hosts, networks, identities, and cloud environments.
• Develop and report cyber threat intelligence derived from forensic investigations.
• Identify, develop, and implement automation tasks for the SOC Forensics Program.
• Research, evaluate, and recommend security tools, techniques, and technologies aligned with security strategy.
• Use COTS/GOTS and custom tools and procedures to scan, identify, contain, mitigate, and remediate vulnerabilities and intrusions.
• Analyze and validate security requirements and recommend additional safeguards.
• Provide occasional briefings to senior staff on forensic findings.

Experience Requirements:

• Programming experience with Python, C++, or JavaScript.
• Evidence acquisition and Chain of Custody processes.
• Host, cloud, identity, and network forensics experience.
• Packet capture, volatile memory, and suspicious script analysis experience.
• Familiarity with physical device imaging software and digital forensics tools.
• Knowledge of IDS/IPS, firewalls, and anti-malware technologies.
• Incident response experience.
• Experience analyzing security alerts in Microsoft Sentinel SIEM or similar tools.
• Malware analysis technical report writing.
• Adherence to SOC standard operating procedures.
• Ability to work shifts including weekends and some holidays in a 24x7x365 environment; shift rotation expected with reasonable notice.
• Strong interpersonal skills and ability to handle multiple tasks.

Education Requirements:

• Bachelor's degree in a related field preferred. A Bachelor's degree with 0 years of related experience required; 2 years of related experience highly preferred. Additional experience may substitute for education.
• Certification required: MCFE, EnCE, DFE, GCFA, or similar industry-related certification(s).
• Clearances required: County Live Scan, Child Support Services (CSS) Background Clearance, and County Probation (PROB) Background.