Forensics Analyst Lead

US·PortlandRemotelead

OtherAnalyst

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

Position Title: Forensics Analyst Lead Location: Portland, OR | Full-Time Cybervance is a rapidly growing information security and information technology company based in Washington, D.C.,

Technical Tools

OtherAnalyst

Responsibilities

~2 min read

→Lead and oversee all digital forensic investigations across endpoint, server, network, cloud, and mobile environments.
→Establish forensic standards, methodologies, and toolsets.
→Act as the primary escalation point for complex or high‑impact forensic cases.
→Ensure investigations follow best practices for evidence handling and forensic integrity.

→Support and lead forensic analysis during security incidents, including malware infections, intrusions, and data exfiltration events.
→Conduct advanced forensic analysis to identify root cause, attacker activity, and impact.
→Reconstruct timelines and analyze artifacts to support incident response and remediation efforts.
→Collaborate closely with Incident Response, SOC, Threat Hunting, and Legal teams.

→Ensure proper evidence preservation, chain of custody, and documentation.
→Provide forensic findings to legal, compliance, HR, and regulatory stakeholders.
→Support internal investigations, litigation, and eDiscovery processes.
→Serve as a subject‑matter expert for forensic procedures during audits or legal proceedings.

→Evaluate, deploy, and maintain forensic tools and technologies.
→Improve forensic readiness through logging, data retention, and evidence collection. Strategies.
→Develop scripts, workflows, or automation to improve forensic efficiency and consistency.

→Lead, mentor, and train forensic analysts and incident responders.
→Review forensic work products for quality and accuracy.
→Contribute to training programs, tabletop exercises, and forensic playbooks.

→Produce detailed forensic reports, timelines, and root cause analyses.
→Translate technical findings into clear business, legal, and risk‑based narratives.
→Brief senior leadership on incident findings, impact, and recommendations.

Requirements

~1 min read

7–10+ years of experience in digital forensics, incident response, or cybersecurity investigations.
Proven experience leading forensic investigations and teams.
Deep understanding of:

Endpoint, memory, disk, and network forensics
Malware analysis and attacker techniques
Evidence handling and chain‑of‑custody requirements

Hands‑on experience with industry‑standard forensic tools.
Strong written communication and technical reporting skills.

Experience with cloud and SaaS forensics (AWS, Azure, GCP, M365, Google Workspace).
Experience supporting legal, HR, or regulatory investigations.
Scripting or automation experience (Python, PowerShell, Bash).
Certifications such as GCFA, GCED, GCIH, CISSP, EnCE, or equivalent.
Experience in government, finance, healthcare, or other regulated environments.