Host Based Systems Analyst III jobs in United States
cer-icon
Apply on Employer Site
company-logo

ARSIEM Corporation ยท 2 months ago

Host Based Systems Analyst III

positionArlington, VA
timeFull-time
remoteOnsite
senioritySenior Level
date5+ years exp

ARSIEM Corporation is committed to providing support to multiple agencies across the United States Government. They are seeking a Cyber Network Defense Analyst with Cloud Forensics experience to conduct forensic analysis, investigate incidents, and develop detection logic in cloud environments.

Cyber SecurityEmbedded SoftwareEnterprise ApplicationsSoftwareSoftware Engineering
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Conduct forensic acquisition and analysis from on-premises and cloud platforms (Entra ID/Azure AD, M365, AWS, GCP, SaaS) to identify compromise activity, persistence mechanisms, and data exfiltration
Investigate and respond to incidents and attacks targeting cloud and hybrid identity
Correlate cloud control-plane events and network telemetry (e.g., Azure Activity Logs, AWS CloudTrail, VPC Flow Logs) to reconstruct attacker timelines, validate IOCs, and identify post-compromise privilege escalation
Develop and operationalize detection logic and automation using cloud-native tools (Microsoft Defender, Sentinel, AWS GuardDuty, GCP Chronicle) and scripting (PowerShell, Python, Bash), integrating threat intelligence feeds and indicators
Produce technical reports, incident documentation, and containment recommendations integrating cloud, identity, and endpoint findings; support development of incident response playbooks and procedures for cloud and hybrid environments
Support cloud development and automation projects to enhance threat emulation, investigative, and hunting capabilities
Coordinate with internal teams, government staff, and external stakeholders to validate alerts and investigate preliminary findings

Qualification

Cyber forensic investigationsCloud ForensicsCloud security knowledgeScripting skillsM365/Azure knowledgeAWS knowledgeCloud automation toolsIncident response playbooksThreat detectionTechnical reportingCollaboration skillsProblem-solving skills

Required

BS in Computer Science, Cybersecurity, Computer Engineering, or related field; OR HS Diploma with 7+ years relevant experience
5+ years of experience in cyber forensic investigations with leading tools and techniques
Strong understanding of SaaS, PaaS, and IaaS in cloud environments and hybrid identity security
Expertise in acquiring forensically sound evidence, analyzing attacks, and reporting findings
Knowledge of M365/Azure, hybrid identity, and threats targeting these solutions
Knowledge of AWS, IAM, and best practices for cloud identity security
This position requires an Active TS/SCI clearance and the ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability

Preferred

Strong API and scripting skills (PowerShell, Python, Bash, JavaScript) for automation and threat detection
Knowledge of common and advanced cloud attacks and techniques, and how to detect and mitigate these threats
Proficiency with cloud automation and orchestration tools (Terraform, Kubernetes, CloudFormation, Azure Resource Manager, Docker)
GCLD, GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP, AWS, or Microsoft Cloud/Security certifications

Benefits

$3,500 bonus for candidate referral

Company

ARSIEM Corporation

twittertwittertwitter
company-logo
ARSIEM Corporation is a proven and trusted partner to its government clients.
dateFounded in 2013
location
Baltimore, Maryland, USA
people-size51-200 employees
web-link
http://www.arsiem.com

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
R. Chuck Matthews
CEO
linkedin
leader-logo
La'Von Perry
CNO Instructor in Cybersecurity / Cybersecurity SME - Manager of Pentesters
linkedin
Company data provided by crunchbase