Cyber Defense Forensics Lead (R-00149)

Sorry, this job was removed at 04:22 a.m. (CST) on Friday, May 01, 2026
3 Locations
Remote
Professional Services
The Role
True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that those outcomes begin and end with our people, and that is why we have built a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top-tier services to our customers. Our culture and commitment have been recognized through numerous accolades, including being named one of the Best Places to Work in 2023 in two categories (“Prosperous and Thriving” ($5MM–$50MM in gross revenue) and “Mid-Atlantic Region” (DC, DE, MD, NC, VA, WV)), and again in 2025 as a Best Places to Work honoree. In addition, True Zero earned coveted spots on the Inc. 5000 list of fastest-growing companies in America in 2022, 2023, and 2025, a testament to our sustained growth driven by our people-first approach and unwavering dedication to excellence.

Clearance Required
Top Secret/SCI 

Work Location
MD

Job Description
This candidate will lead digital forensics activities in support of our cyber defense mission. Additionally, this role will analyze digital evidence, support incident response and threat hunt activities, and produce findings that inform remediation, reporting, and operational decision-making. This position calls for a senior practitioner who can conduct disciplined forensic analysis in high-consequence environments and translate technical evidence into clear investigative and defensive outcomes.

Position Description

    • Lead digital forensics activities in support of cyber defense and incident response efforts 
    • Analyze digital evidence related to cybersecurity incidents and investigative activity 
    • Support incident response and threat hunt activities through forensic analysis and technical findings 
    • Conduct forensic review of systems, artifacts, logs, and related evidence sources 
    • Use the Cyber Kill Chain and MITRE ATT&CK to help frame investigative findings, support hunt hypotheses, and communicate attacker actions, progression, and control gaps 
    • Prepare technical summaries, findings, and reports to support operational and leadership decision-making 
    • Support evidence handling, documentation, preservation, and chain-of-custody practices 
    • Coordinate with cyber defense, incident response, and government stakeholders as needed 
    • Help identify vulnerabilities, attack methods, and technical indicators revealed through forensic analysis 
    • Support post-incident review, reporting, and remediation discussions with relevant stakeholders 
    • Support continuous improvement of forensic processes, documentation, and operational practices 

Position Qualifications

     
    • 5–7 years of experience in digital forensics, incident response, and threat hunt activities 
    • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Digital Forensics, or related field; or equivalent experience 
    • Core competencies in computer forensics, computer network defense, software testing and evaluation, system administration, and threat analysis 
    • Experience conducting forensic analysis in support of cybersecurity incidents 
    • Experience using MITRE ATT&CK and the Cyber Kill Chain to contextualize attacker behavior, investigative findings, and post-incident analysis 
    • Experience preparing technical findings and investigative reporting 
    • Ability to work effectively in classified environments within government-controlled secure facilities
    • Strong analytical, documentation, and evidence-handling discipline 
    • Ability to support high-priority incident and investigative tasking under time pressure 
    • Preferred Certifications: GCFA, GNFA, GCIH, EnCE, CISSP, CASP, or comparable certifications


The Company
HQ: Annandale, Virginia
31 Employees
Year Founded: 2016

What We Do

True Zero Technologies is a Professional Services firm and authorized product reseller. Made up of passionate technologists, TZT delivers services for both the public and private sector, creating unique and scalable solutions based on business-context-driven requirements. TZT is rapidly expanding its team to meet demand. We have many opportunities, including long-term, multi-year contracts supporting Splunk instances large and small, with ample opportunity to help shape large operational and security programs. Apply today! https://truezerotech.applicantpro.com/jobs/
