Cybersecurity Forensics Analyst

Location: Washington, DC

Security Clearance Eligibility: Active Top Secret clearance (SCI eligible)

Duties and Responsibilities:

1 Source is seeking a Cyber Security Forensics Analyst/Engineer who has the expertise with the following:

  • Perform sound forensic collection techniques to obtain relevant digital media involved in identified cyber intrusions.
  • Perform remote incident handling support such as forensics collections, intrusion correlation tracking, threat analysis and direct system remediation tasks to onsite responders
  • Leverage commercially available and open source forensic tools (Encase) to efficiently perform forensic analysis.
  • Quickly decipher the difference between malware, greyware and goodware.
  • Analyze malicious code by using static and dynamic reverse engineering techniques and employing industry tools such as Ida Pro, OllyDbg, REMnux, etc.
  • Knowledge of C, C++ programming language and assembly language with debugging experience.
  • Ability to recognize common packing and encryption techniques. Ability to manually unpack and deobfuscate malicious binaries.


  • Must have 5+ years of experience
  • A Bachelor’s degree in Computer Science, Software Engineering, Information Technology or a related technical field is required.General knowledge of:
  • Bluecoat Proxies
  • Checkpoint firewalls
  • Incident Response
  • Experience working in a SOC
    The candidate will need to have the following certifications or combination:
  • CEH
  • GIAC or SSCP or GCIA
  • EnCE or GCIH

1 Source in accordance with applicable law, does not discriminate in hiring or otherwise in employment on the basis of race, color, religion, sex, national origin, age, marital or veteran status, disability, sexual orientation, or any other legally protected status.

1 Source is an Equal Opportunity Employer and strives for diversity. Careers with 1 Source feature excellent growth, very competitive health and welfare benefits, and 401(k) program with a Company match.


. . . . . . . .

Leave a Reply