Cyber Command Forensic Analyst - CCFA 25-33926

Title: Cyber Command Forensic Analyst
Location: Brooklyn, NY
Duration: 2 Years

Job Description

The Cyber Command Forensic Analyst will support the client’s ability to respond to citywide cybersecurity incidents and lead investigative efforts. This role is critical for minimizing the likelihood and impact of cyber events that could otherwise require extensive remediation.

Scope of Services

The Forensics Analyst is responsible for investigating network intrusions and cybersecurity events to determine their cause, scope, and impact. This role involves performing advanced digital forensics across multiple platforms and environments.

Key Tasks

• Research, develop, and implement new methodologies to strengthen digital forensics capabilities.

• Produce high-quality written reports clearly presenting complex technical findings.

• Manage and maintain analysis labs, forensic tools, systems, and environments.

• Ensure proper collection, preservation, and documentation of digital evidence according to industry best practices and integrity standards.

• Support the Cyber Emergency Response Team during critical security incidents.

• Conduct host-based and network-based forensic analysis to investigate intrusions, breaches, and cyber incidents.

Mandatory Skills / Experience

(Candidates without the mandatory skills will not be considered.)

• Minimum 4 years of experience in Threat Management, Digital Forensics Investigations, or Incident Response.

• Proficiency conducting digital forensic investigations across various platforms and operating systems.

• Deep understanding of digital forensics tools, processes, methodologies, and investigative workflows.

Desirable Skills / Experience

• Experience with industry-leading forensic tools: FTK, X-Ways, SIFT, AXIOM, EnCase, etc.

• Experience with memory analysis tools: Volatility, MemProcFS.

• Experience with Linux and open-source forensic utilities.

• Background in investigating intrusions on Windows, Linux, and Unix systems.

• Experience performing forensic collections in cloud platforms (AWS, Azure, GCP).

• Knowledge of gathering, acquiring, and assessing electronic evidence across devices and systems.

• Understanding of virtual environments and virtualization artifacts.

• Knowledge of forensic imaging techniques.

• Strong knowledge of Windows OS internals and artifacts.

• Knowledge of Linux/UNIX artifacts and system forensics.

• Knowledge of macOS forensics and file system artifacts.

• Strong understanding of file systems.

• Excellent analytical and problem-solving skills.