Forensic Cyber Network Defense Analysts; CNDA

BCMC provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. We are seeking Cyber Network Defense Analysts (CNDA) with Cloud Forensics experience to support this critical customer mission.

• Conduct forensic acquisition and analysis from on-premises and cloud platforms (Entra /Azure AD, M365, AWS, GCP, SaaS) to identify compromise activity, persistence mechanisms, and data exfiltration.
• Investigate and respond to incidents and attacks targeting cloud and hybrid identity.
• Correlate cloud control-plane events and network telemetry (e.g., Azure Activity Logs, AWS Cloud Trail, VPC Flow Logs) to reconstruct attacker timelines, validate IOCs, and identify post-compromise privilege escalation.
• Develop and operationalize detection logic and automation using cloud-native tools (Microsoft Defender, Sentinel, AWS Guard Duty, GCP Chronicle) and scripting (Power Shell, Python, Bash), integrating threat intelligence feeds and indicators.
• Produce technical reports, incident documentation, and containment recommendations integrating cloud, identity, and endpoint findings; support development of incident response playbooks and procedures for cloud and hybrid environments.
• Support cloud development and automation projects to enhance threat emulation, investigative, and hunting capabilities.
• Coordinate with internal teams, government staff, and external stakeholders to validate alerts and investigate preliminary findings.

• U.S. Citizenship
• Active TS/SCI clearance
• Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability
• 5+ years of experience in cyber forensic investigations with leading tools and techniques.
• Strong understanding of SaaS, PaaS, and IaaS in cloud environments, and hybrid identity security.
• Expertise in acquiring forensically sound evidence, analyzing attacks, and reporting findings.
• Knowledge of M365/Azure, hybrid identity, and threats targeting these solutions.
• Knowledge of AWS, IAM, and best practices for cloud identity security.

• Strong API and scripting skills (Power Shell, Python, Bash, JavaScript) for automation and threat detection.
• Knowledge of common and advanced cloud attacks and techniques, and how to detect and mitigate these threats.
• Proficiency with cloud automation and orchestration tools (Terraform, Kubernetes, Cloud Formation, Azure Resource Manager, Docker).

• BS in Computer Science, Cybersecurity, Computer Engineering, or related field; OR HS Diploma with 7+ years relevant experience.

• GCLD, GCFR, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, CCSP, AWS or Microsoft Cloud/Security certifications.

Business Computers Management Consulting Group, LLC (BCMC) is a small business specializing in Information Technology (IT), Cybersecurity, Information Assurance (IA), SOA, Big Data Management, Program Management, and more for Federal, State, and Local agencies. We possess highly skilled engineers, providing innovative solutions backed by strong past performances. We are ISO 9001:2015, ISO 27001:2013, 20000:2018, and CMMI L3 certified and registered promising highest quality and services to all of our clients.

• Extremely competitive salary
• 95% employer paid for employee medical, dental, & vision coverages
• 100% employer paid for employee life, STD & LTD disability coverages
• 401k with company match and profit sharing
• Flexible Spending Account (FSA) for dependent & health care
• 11 standard holidays & 3 weeks of annual leave

Host Based Systems Analyst - III - HBA
03 ESS-3285