Cyber Forensic & Intrusion Analyst
Morrisville, NC
Full Time | Entry-level / Junior | Clearance required | USD 68K - 128K * est.
phia, LLC
At phia, trust us to solve the complex challenges of our connected world through top-tier cyber intelligence & threat hunting. Contact us.
We are hiring a skilled and experienced Cyber Forensic & Intrusion Analyst to join our team. The ideal candidate will have a comprehensive understanding of digital forensics, including dead box analysis, network forensics, and memory forensics. This role requires expertise in extracting and analyzing digital evidence from various sources, including computer systems, networks, and volatile memory. The successful applicant will be adept at utilizing cutting-edge forensic tools and techniques to investigate cyber incidents, recover data, and provide crucial insights for security investigations and legal proceedings.
Location: Morrisville, NC (with remote capabilities)
What You'll Do
- Perform forensic analysis on hosts running Microsoft Windows, UNIX, Linux, embedded systems, and mainframes.
- Analyze log files from various sources, including host logs, network traffic logs, firewall logs, and intrusion detection system logs, to identify threats.
- Conduct deep-dive analysis of malicious links and files, both manually and through automation, to determine attacker tactics, techniques, and procedures.
- Perform forensically sound collection and analysis of system images to support incident response, mitigation, and remediation.
- Correlate incident data to identify specific vulnerabilities and provide actionable remediation recommendations.
- Leverage forensic and security tools, including Splunk, Tanium, FireEye, and SentinelOne, to conduct cyber incident response investigations.
- Work collaboratively with analysts to triage security events, respond to incidents, and manage high-impact investigations.
- Generate clear and concise reports with technical findings and executive-level recommendations.
Required: Education + Experience
- Minimum of 5 years of experience in cybersecurity incident response, digital forensics, and intrusion analysis, including dead box, network, and memory forensics.
- Strong expertise in forensic analysis, artifact examination, malware analysis, and intrusion detection.
- Proficiency in forensic tools such as Splunk, Tanium, FireEye, and SentinelOne.
- Experience analyzing security events, log files, and forensic evidence to support investigations.
- Proven ability to collaborate across diverse teams to investigate, analyze, and respond to security incidents.
- Strong communication skills with the ability to generate detailed forensic reports and executive briefings.
Preferred Certifications
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Forensic Examiner (GCFE)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Cyber Threat Intelligence (GCTI)
- GIAC Network Forensic Analyst (GNFA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Reverse Engineering Malware (GREM)
- Magnet Certified Forensics Examiner (MCFE)
Security Clearance
- U.S. Citizenship required
- Ability to obtain Public Trust (or higher) government clearance
Who You Are
- A proactive problem solver that appreciates the challenges of working in a fast-paced, dynamic environment.
- Intellectually curious with a genuine desire to learn and advance your career.
- An effective communicator, both verbally and in writing.
- Customer service-oriented and mission-focused.
- Critical thinker with excellent problem-solving skills.
If your experience and qualifications aren’t a match for this position, you will remain in our database for consideration for future opportunities that may be a better fit.
Who We Are
phia, LLC is a Northern Virginia-based small business established in 2011 with a focus on Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, and Information Assurance/Security. We proudly support various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.
phia values work-life balance and offers the following benefits to full-time employees:
- Comprehensive medical insurance to include dental and vision
- Short Term & Long-Term Disability
- 401k Retirement Savings Plan with Company Match
- Tuition and Professional Development Assistance
- Flex Spending Accounts (FSA)
phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in the provision of employment opportunities and benefits.
Please be aware that job applicants have rights under federal employment laws. You can find more information about The Family Medical Leave Act (FMLA), Know Your Rights (EEO), and Employee Polygraph Protection Act (EPPA) on The U.S. Department of Labor (DOL)’s website: Frequently Asked Questions - United States Department of Labor.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Clearance DoD Firewalls Forensics GCFA GCFE GCIA GCIH GCTI GIAC GNFA GREM Incident response Intrusion detection Linux Log files Malware Polygraph Reverse engineering Security Clearance Splunk Strategy Threat intelligence UNIX Vulnerabilities Windows
Perks/benefits: 401(k) matching Career development Health care Insurance Medical leave Team events