Host Cyber Systems Analyst IV
Listed on 2026-07-01
IT/Tech
Cybersecurity, Data Security, Cloud Computing: Infrastructure & Operations
Host Based Cyber Systems Analyst IV
Argo Cyber Systems provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front-line response for digital forensics/incident response (DFIR) and proactively hunt for malicious cyber activity. We are seeking Cyber Network Defense Analysts (CNDA) with Cloud Forensics experience to support this critical customer mission.
Responsibilities include conducting forensic acquisition and analysis from on-premises and cloud platforms to identify compromise activity, persistence mechanisms, and data exfiltration. Additionally, the role involves investigating and responding to incidents and attacks targeting cloud and hybrid identity, correlating cloud control-plane events and network telemetry to reconstruct attacker timelines, and developing and operationalizing detection logic and automation using cloud-native tools and scripting.
The position also requires producing technical reports, incident documentation, and containment recommendations integrating cloud, identity, and endpoint findings; supporting development of incident response playbooks and procedures for cloud and hybrid environments; and supporting cloud development and automation projects to enhance threat emulation, investigative, and hunting capabilities. Coordination with internal teams, government staff, and external stakeholders to validate alerts and investigate preliminary findings is also part of the role.
Required skills include U.S. citizenship, active TS/SCI clearance, ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability, 8+ years of experience in cyber forensic investigations with leading tools and techniques, strong understanding of SaaS, PaaS, and IaaS in cloud environments, and hybrid identity security. Expertise in acquiring forensically sound evidence, analyzing attacks, and reporting findings, knowledge of M365/Azure, hybrid identity, and threats targeting these solutions, and knowledge of AWS, IAM, and best practices for cloud identity security are also required.
Desired skills include strong API and scripting skills for automation and threat detection, knowledge of common and advanced cloud attacks and techniques, and proficiency with cloud automation and orchestration tools.
This position requires a minimum of a USG Top Secret Security Clearance!
Argo Cyber is an Equal Opportunity Employer.