Cyber Network Defense Analyst (CNDA) III – Cloud Forensics
Tasks
- Analyze forensic artifacts
- Conduct forensic acquisition
- Correlate cloud telemetry and network evidence
- Develop analytical playbooks
- Develop detection logic
- Improve detection and response posture
- Investigate cloud control plane intrusions
- Investigate identity and credential abuse
- Perform threat hunting
- Produce technical reports
- Reconstruct attacker timelines
- Support forensics workflow improvements
- Support incident response procedure improvements
- Triage alerts and assess risk
Perks/Benefits
Skills/Tech-stack
AWS CloudTrail | AWS GuardDuty | AWS IAM | Activity logs | Azure Activity Logs | Bash | Cloud Forensics | Cloud telemetry | Credential abuse | Digital forensics | Docker | Entra ID | Flow Logs | GCP Chronicle | GCP Logs | IaaS | Identity Security | Incident Response | Indicator of Compromise | JavaScript | Kubernetes | M365 | MITRE ATT&CK for Cloud | Microsoft Defender | Microsoft Entra | Microsoft Entra ID | Microsoft Sentinel | MITRE ATT&CK | PaaS | PowerShell | Python | SaaS | Terraform | VPC Flow Logs | VPC flow
Education
Bachelor of Engineering | Bachelor of Science | High School Diploma