Cyber Incident Response & Digital Forensics Lead (Top Secret clearance)
Company: ALTA IT Services
Location: Washington
Posted on: April 3, 2025
Job Description:
Cyber Incident Response & Digital Forensics Lead
Washington, DC - ONSITE
Clearance: Must possess active Top Secret security clearance
Salary: Up to $175K
ALTA IT Services is seeking a highly skilled and knowledgeable
Cyber Incident Response & Digital Forensics Lead who will lead a
team of incident responders and forensic analysts. This position is
located on the customer site in Washington, D.C.
Responsibilities include but are not limited to:
--- Assisting in analyzing alerts, identifying true positives, and
prioritizing incidents and incident response based on severity and
impact.
--- Leading the analysis and identification of mobile threats,
including malware, vulnerabilities, and other malicious activities
targeting mobile devices and applications.
--- Working with the SOC/watch floor to develop and refine incident
response plans and SOPs.
--- Gathering and analyzing extensive datasets to bridge
informational gaps associated with cyber-attacks. This involves
identifying perpetrators, understanding their intrusion methods,
and meticulously documenting the precise sequence of actions that
compromise system integrity.
--- Gathering evidence, analyzing artifacts, and reconstructing
events to understand the scope and impact of incidents, determine
how the compromise occurred, and identify root causes.
--- Conducting forensic analysis on systems and networks to
determine the scope and impact of security incidents.
--- Conducting regular joint training exercises and tabletop
simulations to help strengthen coordination between teams and ensure
compliance with security policies.
--- Conducting advanced malware analyses; devising and executing
targeted threat mitigation strategies tailored to program and
customer needs.
--- Analyzing threat intelligence feeds, indicators of compromise
(IOCs), and TTPs to identify and conduct incident response to
emerging threats.
--- Preserving and presenting evidence for legal
proceedings.
Basic Qualifications:
--- Bachelor's degree, preferably in IT, cybersecurity, or related
discipline.
--- 12+ years of IT experience with 8+ years of cyber incident
response experience.
--- 2+ years of experience leading a team of incident responders.
--- 2+ years of experience with digital forensics.
--- Must possess GIAC Certified Incident Handler (GCIH)
certification.
--- 3+ years of hands-on Splunk experience.
--- Proficient understanding of mobile operating systems
architecture (such as Android, iOS), including the security
features and limitations of each platform, as well as proficient
understanding of mobile application security, network protocols,
and the potential exploitation vectors associated with mobile
devices.
--- Advanced knowledge of Windows, Linux, and macOS, enabling
effective analysis and response across diverse technical
environments.
Preferred Qualifications:
Experience using the Axiom Forensics Suite.
Desirable certifications: GIAC Certified Forensic Analyst (GCFA),
GIAC Network Forensic Analyst (GNFA).
Other preferred certifications: GIAC Continuous Monitoring
Certification (GMON), GIAC Certified Incident Handler (GCIH), GIAC
Certified Intrusion Analyst (GCIA), GIAC Cloud Threat Detection
(GCTD), GIAC Cloud Forensics Responder (GCFR), GIAC Advanced
Smartphone Forensics Certification (GASF), GIAC Mobile Device
Security Analyst (GMOB).
Ref: #850-Rockville (ALTA IT)