Cyber Host Forensic Analyst IV
Listed on 2026-07-17
-
IT/Tech
Cybersecurity
Nightwing provides technologically advanced cyber, data operations, systems integration, and intelligence mission support services to meet our customers’ most demanding challenges. Nightwing’s capabilities include cyber space operations, cyber defense, vulnerability research, technical surveillance, data intelligence, lifecycle mission enablement, and software modernization. The DHS’s Hunt and Incident Response Team (HIRT) secures the nation’s infrastructure, and Nightwing supports this mission through on- and offsite incident response, proactive hunting, rapid onsite response, and immediate investigation using host and network‑based cybersecurity analysis.
Nightwing is seeking Incident Response Experts to support this critical customer mission.
Position requires physical presence in the National Capital Region (NCR) for at least one week for training and orientation. Subsequent work will be primarily supported outside the NCR.
Responsibilities- Serve as hunt and incident response subject‑matter expert (SME), possessing in‑depth knowledge of NCCIC HIRT operations in surge capacity.
- Distill analytic findings into executive summaries and in‑depth technical reports.
- Provide expert support, analysis, and research for complex problems and processes related to hunt and incident response activities with broad direction.
- Serve as technical expert on high‑level incident response teams, providing technical direction, interpretation, and alternatives.
- Exercise considerable latitude in determining technical objectives of assignments or tasks.
- Independently develop technical solutions to complex problems requiring ingenuity and creativity.
- Guide the completion of hunt and incident response activities.
- U.S. Citizenship
- Active TS/SCI clearance and ability to obtain DHS Suitability
- 8+ years of directly relevant experience
- Knowledge of different operational threat environments (first, second, third generation)
- Knowledge of system and application security threats and vulnerabilities (buffer overflow, mobile code, cross‑site scripting, PL/SQL injections, race conditions, covert channel, replay, return‑oriented attacks, malicious code)
- Ability to travel domestically on short notice
- Independent thinking and superior written and oral communication skills
- Collaboration across physical locations
- Skilled in identifying different classes of attacks and attack stages
- Understanding of proactive analysis of systems and networks, including creating trust levels of critical resources
- Proficiency with common operating systems (Linux/Unix, Windows)
- Experience leading and mentoring technical teams
- Knowledge of Computer Network Defense policies, procedures, and regulations
- Wire Shark, Splunk, Snort
BS in Computer Science, Cyber Security, Computer Engineering, or related degree; or high school diploma and 10+ years of technical experience.
Desired Certifications- DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst
- DoD 8140.01 GCIA, GCIH, CSSP Analyst/CSSP Incident Responder
- DoD 8140.01 CEH, CSSP Analyst
- SANS GIAC GNFA (preferred)
- SANS GRID, GICSP, or GCIP (a plus)
The salary range for this position is $122,000–$253,000, commensurate with qualifications, experience, and expertise. Compensation is determined to align with skills, responsibilities, and market standards. Benefits include medical, vision, and dental insurance, 401(k) plan, PTO, holidays, and additional insurances.
Equal Opportunity/Affirmative Action EmployerAll qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, age, or any other federally protected class.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).