Intrusion Analyst

Posted 14 Days Ago
Washington, DC
In-Office
Expert/Leader
Other
The Role
The Intrusion Analyst conducts digital forensics, analyzes host and network evidence, produces documentation, and communicates findings in legal settings.
Summary Generated by Built In
Who We’re Looking For (Position Overview):
We’re looking for an Intrusion Analyst to conduct intrusion-focused digital forensics across host and network evidence, reconstruct attack activity, and communicate findings that can stand up to investigative and legal scrutiny. This role is part of a digital forensics capability supporting complex cyber and computer intrusion cases. 

The ideal candidate is a disciplined examiner with strong technical depth, excellent documentation habits, and the ability to explain complex intrusion activity to non-expert audiences.

What Your Day-To-Day Looks Like (Position Responsibilities):

  • Intrusion-Focused Forensic Analysis
      • Perform host- and network-based forensic analysis across Windows, Linux, macOS, and mobile platforms.
      • Examine volatile memory, log exports, and pre-acquired datasets; identify IOCs and adversary TTPs; reconstruct timelines and scope.
  • Tool-Driven Investigation & Automation
      • Use forensic and analysis tooling such as Magnet Axiom, X-Ways, FTK, Volatility, Splunk, ELK Stack, and open-source utilities.
      • Apply scripting/automation (Python, PowerShell, Bash) to accelerate artifact parsing and correlation.
  • Reporting, Testimony Readiness & Quality
      • Produce thorough documentation of findings and conclusions; communicate clearly for non-expert audiences.
      • Successfully complete a mock examination and defend results in a practical courtroom exercise (Government-run).
  • Operational Support
      • Support mission needs that may drive irregular hours and location-specific requirements depending on investigative activity.

What You Need to Succeed (Minimum Requirements):

  • Citizenship & Clearance
      • U.S. Citizenship required.
      • Active TS clearance with SCI eligibility required.
  • Digital Forensics Depth
      • Demonstrated experience with intrusion-focused forensic analysis across host/network artifacts and multiple OS platforms.
  • Courtroom-Defensible Communication
      • Strong writing and verbal communication skills; ability to present findings clearly and defend methodologies.

Ideally, You Also Have (Preferred Qualifications):

  • Experience supporting rapid response investigative operations that may require extended/irregular hours. 
  • Experience correlating enterprise telemetry sources (security device logs, captures, cloud logs) to identify persistence, escalation, lateral movement, and exfiltration.

Top Skills

Bash
ELK Stack
FTK
Magnet Axiom
PowerShell
Python
Splunk
Volatility
X-Ways
The Company
McLean, VA
89 Employees
Year Founded: 2000

What We Do

Spry is a certified Small Business headquartered in McLean, VA. Spry provides Enterprise, C4IT, Management, and Cyber Solutions to the federal government and commercial entities. Founded in 2001, Spry Methods was built on the foundation of combining industry knowledge with unmatched responsiveness to produce results for our customers. Our goal is to build a business dedicated to the maximization of value for all stakeholders starting with our employees, our customers, and our community. We recognize that talented and dedicated employees are our most valued assets and the foundation of our success. Guided by these principles, we have established an impressive track record of proven past performance serving our customers within the Commercial, Federal Civilian, DoD, and Intelligence Communities. A CMMI Level 3 certified and ISO 9001:2008 registered company, Spry is committed to quality and continuous improvement.
