The Cyber Forensic Specialist will also collaborate with the internal Legal team to execute litigation holds and eDiscovery-related evidence captures, ensuring full compliance with organizational and ...
The Cyber Forensic Specialist will also collaborate with the internal Legal team to execute litigation holds and eDiscovery-related evidence captures, ensuring full compliance with organizational and ...
The Cyber Forensic Specialist will also collaborate with the internal Legal team to execute litigation holds and eDiscovery-related evidence captures, ensuring full compliance with organizational and ...
The Cyber Forensic Specialist will also collaborate with the internal Legal team to execute litigation holds and eDiscovery-related evidence captures, ensuring full compliance with organizational and ...
Cyber Forensic Specialist
Arlington, VA · On-site
The Cyber Forensic Specialist will also collaborate with the internal Legal team to execute litigation holds and eDiscovery-related evidence captures, ensuring full compliance with organizational and ...
Cyber Forensic Specialist
Arlington, VA · On-site
The Cyber Forensic Specialist will also collaborate with the internal Legal team to execute litigation holds and eDiscovery-related evidence captures, ensuring full compliance with organizational and ...
Cyber Forensic Specialist
Arlington, VA · On-site
They are seeking a skilled Cyber Forensic Specialist to support their Digital Forensics and Incident Response (DFIR) team, focusing on cybersecurity incident investigations, forensic analysis, and ...
Cyber Forensic Specialist
Arlington, VA · On-site
They are seeking a skilled Cyber Forensic Specialist to support their Digital Forensics and Incident Response (DFIR) team, focusing on cybersecurity incident investigations, forensic analysis, and ...
Cyber Forensic Analyst II
Vienna, VA · On-site
Amentum is seeking a Cyber Forensic Analyst to support the Research & Analysis Division of the Financial Crimes Enforcement Network (FinCEN). This contract is in support of FinCEN's work to combat ...
Cyber Forensic Analyst II
Vienna, VA · On-site
Amentum is seeking a Cyber Forensic Analyst to support the Research & Analysis Division of the Financial Crimes Enforcement Network (FinCEN). This contract is in support of FinCEN's work to combat ...
Amentum is seeking a Cyber Forensic Analyst to support the Research & Analysis Division of the Financial Crimes Enforcement Network (FinCEN). This contract is in support of FinCEN's work to combat ...
Amentum is seeking a Cyber Forensic Analyst to support the Research & Analysis Division of the Financial Crimes Enforcement Network (FinCEN). This contract is in support of FinCEN's work to combat ...
Nightwing is seeking a Cyber Host Forensic Analyst to support this critical customer mission. Responsibilities: - Acquiring/collecting computer artifacts (e.g., malware, user activity, link files ...
Nightwing is seeking a Cyber Host Forensic Analyst to support this critical customer mission. Responsibilities: - Acquiring/collecting computer artifacts (e.g., malware, user activity, link files ...
Nightwing is seeking a Cyber Host Forensic Analyst to support this critical customer mission. Responsibilities: - Acquiring/collecting computer artifacts (e.g., malware, user activity, link files ...
Nightwing is seeking a Cyber Host Forensic Analyst to support this critical customer mission. Responsibilities: - Acquiring/collecting computer artifacts (e.g., malware, user activity, link files ...
Citizenship - Must have an active Secret clearance (TS/SCI eligible) and be able to obtain DHS Suitability - 8+ years of directly relevant experience in cyber forensic and network investigations ...
Citizenship - Must have an active Secret clearance (TS/SCI eligible) and be able to obtain DHS Suitability - 8+ years of directly relevant experience in cyber forensic and network investigations ...
Citizenship- Must have an active TS/SCI clearance- Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading edge technologies ...
Citizenship- Must have an active TS/SCI clearance- Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading edge technologies ...
S. Citizenship - Must have an active TS/SCI clearance - Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading edge ...
S. Citizenship - Must have an active TS/SCI clearance - Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading edge ...
Citizenship- Must have an active TS/SCI clearance- Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading edge technologies ...
Citizenship- Must have an active TS/SCI clearance- Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading edge technologies ...
Citizenship - Must have an active Secret clearance (TS/SCI eligible) and be able to obtain DHS Suitability - 8+ years of directly relevant experience in cyber forensic and network investigations ...
Citizenship - Must have an active Secret clearance (TS/SCI eligible) and be able to obtain DHS Suitability - 8+ years of directly relevant experience in cyber forensic and network investigations ...
S. Citizenship - Must have an active TS/SCI clearance - Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading edge ...
S. Citizenship - Must have an active TS/SCI clearance - Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading edge ...
Amentum is seeking a Cyber Forensic Analyst to support the Research & Analysis Division of the Financial Crimes Enforcement Network (FinCEN). This contract is in support of FinCEN's work to combat ...
Amentum is seeking a Cyber Forensic Analyst to support the Research & Analysis Division of the Financial Crimes Enforcement Network (FinCEN). This contract is in support of FinCEN's work to combat ...
Nightwing is seeking a Cyber Host Forensic Analyst to support this critical customer mission. Responsibilities: - Acquiring/collecting computer artifacts (e.g., malware, user activity, link files ...
Nightwing is seeking a Cyber Host Forensic Analyst to support this critical customer mission. Responsibilities: - Acquiring/collecting computer artifacts (e.g., malware, user activity, link files ...
Citizenship- Must have an active TS/SCI clearance- Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading edge technologies ...
Citizenship- Must have an active TS/SCI clearance- Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading edge technologies ...
S. Citizenship - Must have an active TS/SCI clearance - Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading edge ...
S. Citizenship - Must have an active TS/SCI clearance - Must be able to obtain DHS Suitability- 8+ years of directly relevant experience in cyber forensic investigations using leading edge ...
Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. We are seeking Cyber Network Defense Analysts (CNDA ...
Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. We are seeking Cyber Network Defense Analysts (CNDA ...
Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. We are seeking Cyber Network Defense Analysts (CNDA ...
Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. We are seeking Cyber Network Defense Analysts (CNDA ...
Cyber Forensic information
See salary details
$69.5K - $77.2K
22% of jobs
$77.8K is the 25th percentile. Wages below this are outliers.
$77.2K - $85K
36% of jobs
$85K - $92.7K
1% of jobs
$92.7K - $100.4K
0% of jobs
$100.4K - $108.1K
10% of jobs
$113.4K is the 75th percentile. Wages above this are outliers.
$108.1K - $115.9K
9% of jobs
$115.9K - $123.6K
0% of jobs
$123.6K - $131.3K
1% of jobs
$131.3K - $139K
5% of jobs
$139K - $146.8K
9% of jobs
$146.8K - $154.5K
7% of jobs
$69.5K
$101.6K
$154.5K
How much do cyber forensic jobs pay per year?
What is a cyber forensic specialist?
How much does cyber forensics pay?
Is cyber forensics in demand?
What is the difference between Cyber Forensic vs Cyber Security Analyst?
| Aspect | Cyber Forensic | Cyber Security Analyst |
|---|---|---|
| Certifications | GCFA, GCFE, CISSP | CISSP, CEH, Security+ |
| Work Environment | Investigations, labs, legal settings | Network monitoring, threat analysis |
| Employer & Industry | Law enforcement, legal firms, cybersecurity firms | Businesses, government agencies, IT firms |
Cyber Forensic specialists focus on investigating cyber crimes, analyzing digital evidence, and working within legal contexts. Cyber Security Analysts primarily protect systems by monitoring networks, identifying threats, and implementing security measures. While both roles require cybersecurity knowledge and certifications, their work environments and objectives differ significantly.
What do you do in cyber forensics?
Will AI replace digital forensics?
What are some common challenges faced by professionals in a cyber forensic role, and how can they be addressed?
What are the key skills and qualifications needed to thrive as a Cyber Forensic specialist, and why are they important?
Accenture Federal Services rating
8.4
Based on 19 frontline employees who took The Breakroom Quiz
48th of 437 rated business services
Job description
We are seeking a skilled and detail-oriented Cyber Forensic Specialist to join our Digital Forensics and Incident Response (DFIR) team. This role is critical in supporting the organization's Cyber Incident Response Team (CIRT) by providing expert-level digital forensic and investigative support. Additionally, the position involves working closely with cross-functional teams, including Human Resources, Legal, and Insider Threat, to conduct sensitive internal investigations related to policy adherence and organizational concerns.
The Cyber Forensic Specialist will also collaborate with the internal Legal team to execute litigation holds and eDiscovery-related evidence captures, ensuring full compliance with organizational and regulatory requirements. The role further involves serving as the central point for evidence intake, processing, and management for cases, litigation holds, and investigations.
The Work
- DFIR Support:
- Collaborate with the Cyber Incident Response Team (CIRT) to investigate and respond to cybersecurity incidents, including malware infections, unauthorized access, data breaches, and advanced persistent threats (APTs).
- Perform digital forensic analysis on devices such as laptops, desktops, servers, mobile devices, and network logs to identify the root cause and scope of incidents.
- Provide recommendations on containment, remediation, and recovery activities.
- Investigative Support:
- Conduct internal investigations in collaboration with HR, Legal, and Insider Threat teams related to:
- Potential risks to organizational assets and operations.
- Inquiries requiring the collection and analysis of electronic evidence.
- Other internal matters involving digital investigations.
- Analyze electronic communications, file systems, and digital artifacts to uncover evidence.
- Prepare detailed, well-documented reports and findings to support decision-making and potential actions.
- Litigation Holds and eDiscovery:
- Partner with the Legal team to ensure the timely and accurate implementation of litigation holds, including identifying, preserving, and collecting electronically stored information (ESI).
- Perform eDiscovery-related data captures, including on-premises and cloud-based systems, in alignment with legal and regulatory requirements.
- Maintain thorough documentation of all eDiscovery activities for legal proceedings and audits.
- Evidence Intake and Management:
- Serve as the central point for evidence intake, ensuring proper chain of custody and documentation for all collected digital evidence.
- Maintain and enforce evidence management protocols, including secure storage, tagging, and tracking for litigation holds and legal proceedings.
- Ensure compliance with data retention and destruction policies.
- Process Optimization and Tooling:
- Leverage forensic tools (e.g., EnCase, FTK, X-Ways, Magnet Axiom) to analyze and process evidence efficiently.
- Continuously improve and document forensic methodologies, workflows, and playbooks.
- Stay up to date with emerging forensic techniques, tools, and industry best practices.
- Collaboration and Training:
- Provide guidance and training to the CIRT and other internal teams on forensic processes and evidence handling.
- Collaborate with outside counsel or external third-party forensic services, when required.
What you need
- US Citizenship required.
- 3-5 years of experience in information security, or other equivalent combination of education or equivalent work experience.
- 3 + years of experience with performing digital forensics on physical and cloud systems.
- 2+ years of experience performing event and log analysis including one or more of the following: Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Data loss prevention tools and other security tools found in large enterprise network environments; along with experience working with Security Information and Event Management (SIEM) solutions.
- 1+ years of experience investigating, containing, eradicating, and preventing current and future compromises i.e., implementing or requesting an IP/domain/URL block, file hash block, email purge, software removal, device reimage, etc.
- 1+ years of experience with collecting, processing, reviewing, and producing Electronically Stored Information (ESI) to legal teams.
- Work independently to deliver prompt solutions without direct supervision.
- Excellent written and oral communication skills, attention to detail, and interpersonal skills.
- Experience presenting complex technical information to decision makers and leading them through the decision-making process.
- Experience with digital forensic imaging (FTK, Cellebrite, Paladin, etc.) and analysis tools (EnCase, Autopsy, Nuix, etc.)
- Experience with evidence preservation and chain of custody.
- Experience with TCP/IP, common application layer protocols, and packet analysis of the same.
- Experience performing static and dynamic malware analysis.
- Experience with indicators of attack and compromise.
- Experience with basic data parsing and analysis tools, i.e., Excel, grep, sed, awk, regex, etc.
- Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages.
- Familiarity with detection design & engineering concepts to tune detections.
- Familiarity with Windows / Linux architecture and endpoint analysis of the same.
- Familiarity with the Electronic Discovery Reference Model (EDRM) for ESI discovery, preservation, and production.
Bonus if you have
- DFIR related certifications including but not limited to: SANS (GCED, GCLD, GCIH, GCFE,GCFA,GREM),CFCE,EnCE.
- Knowledge of scripting languages (e.g., Python, PowerShell) to automate forensic tasks.
- Experience with eDiscovery toolsets such as: Microsoft Purview eDiscovery (Standard/Premium) and Nuix.
What Accenture Federal Services employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About Accenture Federal Services
Sourced by ZipRecruiter
Industry
It services
Company size
10,000+ Employees
Headquarters location
Arlington, VA, US
Year founded
1989