Cyber Security Analyst
Avalon
- Kenmore, Washington, United States
- Kenmore, Washington, United States
Über
Incident Response & Digital Forensics Analyst
to support our clients across cybersecurity, incident response, digital forensics, and threat detection.
This role is designed for a hands-on technical expert who can move quickly during an active security event and then dig deep into forensic analysis to understand what happened, how it happened, and how to help prevent it from happening again.
The ideal candidate has experience working in a SOC, incident response, or digital forensics environment and is comfortable using EDR/XDR tools, forensic analysis platforms, threat intelligence, and scripting to investigate alerts, contain threats, preserve evidence, and strengthen detection capabilities.
What You’ll Do
Monitor, analyze, and scope high-fidelity alerts escalated from Tier 1 and Tier 2 monitoring queues
Lead containment efforts during active threats, including isolating compromised systems, disabling compromised accounts, and supporting rapid response actions
Conduct proactive threat hunting using threat intelligence, behavioral indicators, and knowledge of attacker techniques
Identify signs of persistence, lateral movement, credential abuse, and living-off-the-land activity
Support post-incident reviews and help document lessons learned
Conduct host and network forensic investigations involving Windows, Linux, and cloud-based environments
Analyze forensic artifacts such as memory, event logs, registry hives, file systems, master file tables, and process activity
Determine initial access vectors, attacker timelines, persistence mechanisms, malware activity, and scope of compromise
Preserve digital evidence and maintain chain-of-custody documentation for potential litigation, regulatory, insurance, or client reporting needs
Prepare clear, detailed technical findings and post-incident reports
Tool Optimization & Detection Engineering
Help administer and maximize the use of EDR/XDR, SIEM, and alerting platforms
Develop, test, and tune detection rules, IOC blocks, and behavioral indicators
Reduce false positives while improving visibility into emerging threats
Partner with internal teams to improve response workflows, escalation paths, and security operations procedures
Use scripting and automation to streamline triage, evidence collection, and log analysis
What We’re Looking For
3 to 5+ years of experience in a SOC, incident response, digital forensics, or related cybersecurity role
Hands-on experience using EDR/XDR platforms to investigate alerts, analyze process trees, run response commands, and collect forensic data
Strong understanding of Windows and Linux operating systems, including key forensic artifacts
Experience with forensic tools such as EnCase, FTK, Magnet AXIOM, Cellebrite, or open-source equivalents
Working knowledge of PowerShell, Bash, or Python
Ability to stay calm and analytical during a live incident or data breach
Strong technical writing skills, including the ability to produce clear investigation summaries and post-incident reports
Understanding of chain-of-custody practices and evidence preservation standards
Preferred Certifications One or more of the following is helpful, but not required:
GCFA, GCFE, or GCIH
EnCE
CFCE
Security+
CySA+
Other relevant incident response, forensics, cloud security, or threat hunting certifications
Why Join Avalon? Avalon provides services across eDiscovery, managed review, digital forensics, cybersecurity, and related legal technology solutions. This role is an opportunity to join a growing technical services team and work on meaningful cybersecurity challenges for law firms, corporate legal departments, businesses, and other clients.
This is a strong opportunity for someone who wants to do more than monitor alerts. You will help investigate real threats, strengthen detection capabilities, support client-facing response work, and contribute directly to the maturity of our cybersecurity services.
Location Remote or hybrid on East Coast Time, depending on candidate location and business needs.
#J-18808-Ljbffr
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klick auf „Jetzt Bewerben”, um deine Bewerbung direkt auf deren Website einzureichen.