Security Analyst - Forensics & Malware AnalysisHarmonia | Revolutional • United States
Security Analyst - Forensics & Malware Analysis
Harmonia | Revolutional
- United States
- United States
À propos
Revolutional delivers advanced technology solutions and mission support to federal agencies across civilian, health, and national security environments. We apply modern capabilities, including AI/ML, cloud, cybersecurity, and IT modernization to solve complex challenges, enable faster and more secure operations, and drive measurable mission outcomes. We are redefining how federal technology gets built and delivered by operating with a product mindset, prioritizing speed, ownership, and execution over bureaucracy. Title: Security Analyst - Forensics & Malware Analysis Location: Chandler, AZ or Washington, DC Terms: Full-time Clearance: Active Secret required; TS/SCI preferred Travel: 0-20% Position Description
As a Security Analyst specializing in Forensics and Malware Analysis at Revolutional, you are the person the team calls when an incident goes deep. You conduct digital forensic investigations and malware analysis on compromised systems, media, and artifacts to determine scope, attribution, and impact — and you produce findings that drive response decisions and inform the broader security posture. You are a technical specialist, not a generalist. You bring extensive hands-on experience with digital media analysis, forensic tooling, and malware reverse engineering. You work independently on complex investigations, maintain rigorous chain of custody, and translate technical findings into clear, actionable reporting for both technical peers and program leadership. Responsibilities
Conduct digital forensic investigations on compromised endpoints, servers, storage media, and network artifacts, maintaining proper chain of custody throughout Perform static and dynamic malware analysis to identify malware behavior, capabilities, persistence mechanisms, and indicators of compromise (IOCs) Analyze memory dumps, disk images, log files, and network captures to reconstruct attack timelines and determine scope of compromise Identify and extract IOCs from forensic investigations and malware samples; coordinate with threat intelligence and SOC teams to operationalize findings Support incident response activities by providing forensic analysis that informs containment, eradication, and recovery decisions Produce clear, thorough forensic reports and malware analysis write-ups suitable for technical teams and executive audiences Maintain and operate forensic lab environments, tools, and procedures in accordance with program and federal evidentiary standards Contribute to development and refinement of forensic and malware analysis procedures, playbooks, and tooling Stay current on adversary tradecraft, malware families, and emerging analysis techniques relevant to the federal threat landscape Support classified incident investigations as required, handling evidence and findings in accordance with applicable security protocols What You Bring (Requirements)
Baseline Requirements
Bachelor's degree in Computer Science, Information Security, Digital Forensics, or related field (or equivalent experience) 5 or more years of security-related experience, with extensive hands-on experience in digital media analysis and digital forensics Active Secret clearance; Top Secret/SCI eligibility required Technical & Domain Capabilities
Extensive experience with digital forensic methodologies: disk and media acquisition, file system analysis, artifact recovery, and timeline reconstruction Hands-on malware analysis experience including static analysis (disassembly, code review) and dynamic analysis (sandboxing, behavioral observation) Proficiency with industry-standard forensic tools such as EnCase, FTK, Autopsy, Volatility, IDA Pro, Ghidra, or equivalent Experience analyzing Windows, Linux, and/or cloud-based environments for signs of compromise and attacker activity Familiarity with network forensics: packet capture analysis, NetFlow, proxy logs, and identifying lateral movement or exfiltration artifacts Understanding of attacker TTPs, kill-chain methodology, and MITRE ATT&CK framework as applied to forensic analysis Experience producing forensic reports and malware analysis documentation that meet legal and evidentiary standards Core Strengths
Technically deep and intellectually rigorous — you dig until you find the answer and don't stop at surface-level findings Detail-oriented with strong documentation discipline; your work product holds up under scrutiny Able to work independently on complex, ambiguous investigations without needing constant direction Communicates technical findings clearly to both technical peers and non-technical leadership Certifications
One certification from each of the following groups is required: Group 1 — Security Specialty
CISSP Associate, CCSP, SSCP, GMON, GCIH, GCIA, GECD, CEH, or CASP+ Group 2 — DoD 8570 CSSP
Any certification qualifying under the DoD 8570 CSSP Analyst, Infrastructure Support, or Incident Responder categories, or other similar certifications as approved Nice to Have (Differentiators)
Forensics-specific certifications: GCFE, GCFA, GNFA (GIAC), EnCE (EnCase), or CFCE (Certified Forensic Computer Examiner) Malware analysis certifications: GREM (GIAC Reverse Engineering Malware) or equivalent Experience conducting forensic investigations in classified or law enforcement environments Familiarity with mobile device forensics, cloud forensics, or memory forensics at advanced levels Experience supporting legal proceedings or law enforcement actions with forensic findings Active TS/SCI clearance
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre provient d’une plateforme partenaire de TieTalent. Cliquez sur « Postuler maintenant » pour soumettre votre candidature directement sur leur site.