Host Based Forensics Cybersecurity Analyst 3 (2022) at Caribou Thunder LLC (Washington DC)

| Washington DC
Sorry, this job was removed at 9:51 p.m. (CST) on Friday, May 13, 2022
Find out who's hiring in Washington DC.
See all Operations jobs in Washington DC
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Host Based Forensics Cybersecurity Analyst 3


Location: Arlington, VA

Schedule: Full Time

Shift: 1st



Caribou Thunder, LLC is a Woman Owned, HUBZone Certified, Native American Owned, SBA and SDB Certified global engineering services company, incorporated in 2006. Caribou Thunder is a Global Service Provider supporting a wide variety of DoD, Space and Intelligence programs with consistent growth since inception to over 100 associates and $10M in annual sales with solid performance in 35 states across the U.S. and 22 countries around the world. 

This is an opportunity to join a fast-paced program supporting the Department of Homeland Security cybersecurity hunt and incident response efforts. As a Host Based Forensics Cybersecurity Analyst you will use leading edge technology and industry standard forensic tools and procedures to provide insight into the cause and effect of suspected cyber intrusions performing investigations to characterize of the severity of breaches, develop mitigation plans, and assist with the restoration of services.



  • Assists with leading and coordinating forensic teams in preliminary investigations.
  • Plans, coordinates, and directs the inventory, examination, and comprehensive technical analysis of computer related evidence.
  • Distills analytic findings into executive summaries and in-depth technical reports.
  • Serves as technical forensics liaison to stakeholders and explains investigation details to include forensic methodologies and protocols Tracks and documents on-site incident response activities and provides updates to leadership throughout the engagement.
  • Evaluates, extracts, and analyzes suspected malicious code.
  • Acquire/collect computer artifacts (e.g., malware, user activity, link files) in support of onsite engagements.
  • Triage electronic devices and assess evidentiary value.
  • Correlate forensic findings to network events in support of developing an intrusion narrative - Collect and document system state information (e.g. running processes, network connections) prior to imaging, as required.
  • Perform forensic triage of an incident to include determining scope, urgency, and potential impact.
  • Track and document forensic analysis from initial participation through resolution.
  • Collect, process, preserve, analyze and present computer related evidence’
  • Conduct analysis of forensic images, and available evidence in support of forensic write-ups for inclusion in reports and written products.
  • Assist to document and publishing Computer Network Defense (CND) guidance and reports pertaining to incident findings.



  • Experience with Splunk REQUIRED
  • Experience with the following:
      • MITRE ATT&CK
      • Windows Event IDs
      • Familiar with Linux & Windows artifacts & interpretation
      • Network topologies/architecture
      • Basic malware analysis
      • Incident response & threat hunting (at scale
      • Advanced Persistent Threats (APTs) tactics, techniques, and protocols (TTPs)
      • Computer forensics
      • Digital forensics
      • Memory forensics
      • Red/Blue/Purple Teams


  • Demonstrated use with the following:
      • FTK
      • Encase
      • Axiom
      • Xways
      • Autopsy
      • SIFT
      • Mandiant HX
      • FireEye
      • SOFL-ELK
      • Moloch
      • Wireshark
      • Network Miner
      • NetWitness
      • CyberChef
      • Corelightm
      • Zeek, Bro IDS
      • Security Onion
      • ArcSight
      • Bonus: PowerShell, Python, etc.




  • CEH
  • Security+
  • CHFI
  • GCIH
  • GCFE



Active TS/SCI Clearance

Must be able to obtain DHS Suitability



BS Computer Science, Computer Engineering, Computer Information Systems, Computer Systems Engineering plus 5-7 years of relevant experience

OR High School Diploma plus 7-9 years of relevant experience



Caribou Thunder, LLC is an established Defense contractor with nearly 20 years of experience delivering engineering services worldwide. We offer industry leading salaries, flexible work life balance, full range of benefits (career development and mentoring, PTO, medical, dental, vision, life insurance, disability insurance, and 401k match). Caribou Thunder, LLC offers meaningful career opportunities within a true team-based environment, where each and every employee matters, contributing to a higher goal supporting National Security programs. Caribou Thunder, LLC is committed to hiring and maintaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, marital status, national origin, age, veteran status, disability, or any other protected class. United States citizenship is a requirement for all positions.



More Information on Caribou Thunder LLC
Caribou Thunder LLC operates in the Information Technology industry. The company is located in Colorado Springs, CO. Caribou Thunder LLC was founded in 2006. It has 33 total employees. To see all 102 open jobs at Caribou Thunder LLC, click here.
Read Full Job Description
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Similar Jobs

Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Caribou Thunder LLC's full profileFind similar jobs