The Role
The Digital Forensics Analyst conducts investigations of cybersecurity incidents, performs forensic analysis, maintains compliance, and provides expert guidance to support incident response activities.
Summary Generated by Built In
cFocus Software seeks a Digital Forensics Analyst to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:
Qualifications:
- Bachelor’s degree in Cybersecurity, Digital Forensics, Information Technology, or related field.
- Minimum 5–8 years of experience performing digital forensic investigations.
- Hands-on experience with endpoint, server, network, and cloud forensics.
- Strong knowledge of forensic acquisition, analysis, and evidence handling procedures.
- Experience supporting enterprise incident response and breach investigations.
- Familiarity with federal incident response and reporting requirements.
- Strong analytical, documentation, and communication skills.
- Active GCFA, GCFE, EnCE, or GCIH (preferred).
- Conduct digital forensic investigations following cybersecurity incidents, data breaches, and suspected malicious activity.
- Perform forensic acquisition and analysis of endpoints, servers, cloud workloads, network traffic, logs, and removable media.
- Preserve digital evidence in accordance with chain-of-custody and evidentiary handling requirements.
- Identify incident origin, timeline, scope, and extent of compromise using forensic methodologies.
- Analyze malware artifacts, scripts, and suspicious files to determine functionality and impact.
- Support reverse engineering and de-obfuscation of malicious content when required.
- Correlate forensic findings with SIEM, EDR, network, and cloud telemetry.
- Produce detailed forensic reports documenting methodology, findings, evidence, and recommendations.
- Support incident containment, eradication, and recovery activities through forensic insight.
- Assist with investigations involving PII, PHI, and other sensitive data in coordination with HRSA Privacy and Legal teams.
- Support FOIA searches, OGC litigation holds, and OIG criminal investigations as required.
- Maintain forensic toolsets, images, and procedures in accordance with HRSA SOPs.
- Participate in cyber exercises, tabletop exercises, and after-action reviews.
- Provide expert guidance to SOC Analysts, Incident Responders, and Threat Hunters.
- Ensure compliance with NIST SP 800-61, NIST SP 800-86, and HHS incident response guidance.
Top Skills
Cybersecurity
Digital Forensics
Information Technology
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Established in 2006, cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint.
cFocus Software is the exclusive vendor of ATO (Authority To Operate) as a Service™, which automates FedRAMP compliance for the Azure Government Cloud and Office 365.
Contact Us for a demo of ATO as a Service™ or a FREE government chatbot proof of concept project today!
.png)
