ARGO Cyber Systems · 2 months ago
Host Based Cyber Systems Analyst III
Argo Cyber Systems is a Service-Disabled Veteran-Owned Small Business supporting the Department of Homeland Security in protecting the Nation's cyber and communications infrastructure. The Host-Based Systems Analyst III will lead forensic investigations and provide technical expertise in response to advanced cyber threats targeting critical government systems.
Cyber Security, Enterprise Software, Information Technology, Internet
Responsibilities
Lead and coordinate forensic investigations in support of incident response engagements and post-compromise assessments
Plan, direct, and execute the collection, examination, and analysis of host-based evidence across multiple operating systems and environments
Acquire, preserve, and analyze digital artifacts (malware, volatile memory, registry data, user activity, logs, and executables) to support attribution and root-cause analysis
Perform forensic triage to determine incident scope, urgency, and potential impact on enterprise operations
Correlate host-level findings with network telemetry to reconstruct intrusion narratives and identify persistence or lateral movement
Evaluate and dissect malicious code and executable behavior to identify tactics, techniques, and procedures (TTPs)
Maintain strict chain of custody and documentation standards to ensure evidence integrity
Distill technical analysis into clear, actionable reports and executive summaries suitable for senior leadership and interagency partners
Serve as a technical liaison to government stakeholders, explaining forensic methodologies, tools, and findings in both technical and operational terms
Support the development of Computer Network Defense (CND) guidance, playbooks, and after-action reports based on investigative outcomes
Qualifications
Required
U.S. Citizenship (required)
Active TS/SCI clearance (required)
Ability to obtain DHS Entry on Duty (EOD) Suitability
5+ years of hands-on experience conducting host-based or digital forensic investigations
Expertise in forensically sound data acquisition, duplication, and preservation
Proficiency in analyzing, categorizing, and reporting cyber attacks and system compromises
Strong knowledge of evidence handling procedures, documentation, and chain-of-custody standards
Familiarity with attack lifecycle phases and common adversary techniques
Comprehensive understanding of system and application security threats, vulnerabilities, and mitigation strategies
Experience performing host triage, live response, and volatile memory analysis
Proficiency with Windows, Linux/Unix, and related file systems
Demonstrated ability to collaborate across distributed teams in time-sensitive operational environments
Bachelor's Degree in Computer Science, Cybersecurity, Computer Engineering, or a related field, or a High School Diploma with 7-9 years of host or digital forensics experience
Preferred
Proficiency with two or more of the following forensic and analysis tools: EnCase, FTK, X-Ways, SIFT, Volatility, Sleuth Kit/Autopsy, Wireshark, Splunk, Snort, or EDR tools (CrowdStrike, Carbon Black, SentinelOne)
Experience conducting malware reverse-engineering and all-source research
Understanding of threat actor TTPs and advanced intrusion methodologies
Strong communication skills for technical briefings and interagency coordination
Company
ARGO Cyber Systems
Argo Cyber Systems provides managed cyber monitoring services for businesses and other environments.
Funding
Current Stage: Early Stage
Total Funding: unknown
2020-10-05: Pre Seed
Company data provided by crunchbase