ARGO Cyber Systems · 2 months ago
Cyber Network Defense Analyst (CNDA) – Cloud Forensics
Argo Cyber Systems is a Service-Disabled Veteran-Owned Small Business specializing in cybersecurity and threat-hunting capabilities. They are seeking a Cyber Network Defense Analyst (CNDA) with expertise in Cloud Forensics to conduct advanced investigations into intrusions across hybrid and multi-cloud environments, collaborating with government cyber teams to drive containment and remediation actions.
Cyber Security, Enterprise Software, Information Technology, Internet
Responsibilities
Conduct end-to-end forensic acquisition and analysis across on-premises, cloud, and hybrid environments (Azure AD/Entra ID, M365, AWS, GCP, SaaS)
Investigate identity-based and credential-abuse incidents targeting cloud control planes and hybrid identity infrastructure
Correlate cloud telemetry (Azure Activity Logs, AWS CloudTrail, GCP Logs, VPC Flow Logs) and network evidence to reconstruct attacker timelines and validate indicators of compromise (IOCs)
Develop and deploy automated detection logic, threat-hunting scripts, and analytical playbooks using Microsoft Sentinel, Defender, AWS GuardDuty, and GCP Chronicle
Produce comprehensive technical and executive-level reports, integrating findings across endpoints, networks, and cloud assets to inform threat containment and strategic recommendations
Support continuous improvement of incident response procedures, forensics workflows, and threat-hunting operations
Collaborate with Argo and government stakeholders to triage alerts, assess risk, and strengthen enterprise detection and response posture
Qualifications
Required
U.S. Citizenship and active TS/SCI clearance (with ability to obtain DHS EOD Suitability)
Minimum 8 years of hands-on experience conducting digital forensics and incident response (DFIR)
Proven expertise in cloud forensics, identity security, and hybrid infrastructure defense
Proficiency in M365/Azure AD, AWS IAM, and SaaS investigative methodologies
Deep understanding of SaaS/PaaS/IaaS architectures, including common attack vectors and defensive measures
Skilled in evidence acquisition, volatile data capture, artifact analysis, and technical reporting
Bachelor's Degree in Computer Science, Cybersecurity, Computer Engineering, or a related field, or a High School Diploma and 10+ years of directly relevant DFIR experience
Preferred
Scripting and automation proficiency in PowerShell, Python, Bash, or JavaScript
Familiarity with Terraform, Kubernetes, Docker, CloudFormation, or Azure Resource Manager for automation and orchestration
Understanding of MITRE ATT&CK for Cloud and adversary emulation techniques
Strong communication and collaboration skills for working across multidisciplinary teams
GIAC Cloud Defender (GCLD), GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP
AWS and Microsoft security/cloud certifications (e.g., Azure Security Engineer, AWS Security Specialty)
Company
ARGO Cyber Systems
Argo Cyber Systems provides managed cyber monitoring services for businesses and other environments.
Funding
Current Stage: Early Stage
Total Funding: unknown
2020-10-05: Pre Seed
Company data provided by crunchbase