Cyber Forensics Analyst
Portland, OR · On-site
ECS is seeking a Cyber Forensics Analyst to work in our Portland, OR office. The Forensics Analyst Mid performs hands-on forensic analysis and malware investigation activities in support of SOC ...
Cyber Forensics Analyst
Portland, OR · On-site
ECS is seeking a Cyber Forensics Analyst to work in our Portland, OR office. The Forensics Analyst Mid performs hands-on forensic analysis and malware investigation activities in support of SOC ...
Cyber Forensics Analysts TS/SCI Client seeking Cyber Forensics Analysts to support the DHS Hunt and Incident Response Team (HIRT). This team secures the Nation's cyber and communications ...
Cyber Forensics Analysts TS/SCI Client seeking Cyber Forensics Analysts to support the DHS Hunt and Incident Response Team (HIRT). This team secures the Nation's cyber and communications ...
Lead Cyber Forensics Analyst
Portland, OR · On-site
Lead Cyber Forensics Analyst Location: Portland, OR | Full-Time Cybervance is a rapidly growing information security and information technology company based in Washington, D.C., and we are an equal ...
Lead Cyber Forensics Analyst
Portland, OR · On-site
Lead Cyber Forensics Analyst Location: Portland, OR | Full-Time Cybervance is a rapidly growing information security and information technology company based in Washington, D.C., and we are an equal ...
Cyber Forensics Analysts TS/SCI Client seeking Cyber Forensics Analysts to support the DHS Hunt and Incident Response Team (HIRT). This team secures the Nation's cyber and communications ...
Cyber Forensics Analysts TS/SCI Client seeking Cyber Forensics Analysts to support the DHS Hunt and Incident Response Team (HIRT). This team secures the Nation's cyber and communications ...
... forensics findings - Experience with the analysis and characterization of cyber attacks - Experience with proper evidence handing procedures and chain of custody protocols - Skilled in identifying ...
... forensics findings - Experience with the analysis and characterization of cyber attacks - Experience with proper evidence handing procedures and chain of custody protocols - Skilled in identifying ...
Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...
Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...
Cyber Network Defense Analyst (CNDA) - Cloud Forensics
Arlington, VA · On-site
$130K - $160K/yr
Cyber Network Defense Analyst (CNDA) - Cloud Forensics Location: Remote / Onsite (as required) Clearance: Active TS/SCI (DHS EOD eligibility required) Company: Argo Cyber Systems, LLC - A Service ...
Quick apply
Cyber Network Defense Analyst (CNDA) - Cloud Forensics
Arlington, VA · On-site
$130K - $160K/yr
Cyber Network Defense Analyst (CNDA) - Cloud Forensics Location: Remote / Onsite (as required) Clearance: Active TS/SCI (DHS EOD eligibility required) Company: Argo Cyber Systems, LLC - A Service ...
Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...
Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...
Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...
Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...
... forensics findings - Experience with the analysis and characterization of cyber attacks - Experience with proper evidence handing procedures and chain of custody protocols - Skilled in identifying ...
... forensics findings - Experience with the analysis and characterization of cyber attacks - Experience with proper evidence handing procedures and chain of custody protocols - Skilled in identifying ...
Cyber Network Defense Analyst (CNDA) IV - Cloud Forensics
Arlington, VA · On-site
$130K - $160K/yr
Cyber Network Defense Analyst (CNDA) - Cloud Forensics Location: Remote / Onsite (as required) Clearance: Active TS/SCI (DHS EOD eligibility required) Company: Argo Cyber Systems, LLC - A Service ...
Cyber Network Defense Analyst (CNDA) IV - Cloud Forensics
Arlington, VA · On-site
$130K - $160K/yr
Cyber Network Defense Analyst (CNDA) - Cloud Forensics Location: Remote / Onsite (as required) Clearance: Active TS/SCI (DHS EOD eligibility required) Company: Argo Cyber Systems, LLC - A Service ...
Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...
Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...
Cyber Network Defense Analyst (CNDA) - Cloud Forensics Location: Remote / Onsite (as required) Clearance: Active TS/SCI (DHS EOD eligibility required) Company: Argo Cyber Systems, LLC - A Service ...
Cyber Network Defense Analyst (CNDA) - Cloud Forensics Location: Remote / Onsite (as required) Clearance: Active TS/SCI (DHS EOD eligibility required) Company: Argo Cyber Systems, LLC - A Service ...
Forensics Analyst II
San Antonio, TX · On-site
Two years of experience as a Cyber Forensics Analyst. * Two years of demonstrated experience using at least two different forensic tool suites similar to EnCase, Sleuthkit, FTK, X-WAYS, REKALL or ...
Forensics Analyst II
San Antonio, TX · On-site
Two years of experience as a Cyber Forensics Analyst. * Two years of demonstrated experience using at least two different forensic tool suites similar to EnCase, Sleuthkit, FTK, X-WAYS, REKALL or ...
Cyber Network Defense Analyst (CNDA) - Cloud Forensics Location: Remote / Onsite (as required) Clearance: Active TS/SCI (DHS EOD eligibility required) Company: Argo Cyber Systems, LLC - A Service ...
Cyber Network Defense Analyst (CNDA) - Cloud Forensics Location: Remote / Onsite (as required) Clearance: Active TS/SCI (DHS EOD eligibility required) Company: Argo Cyber Systems, LLC - A Service ...
Network-Based Cyber Forensics Analyst (NBA) • Assists the Government lead in coordinating teams in preliminary incident response investigations • Assists the Government lead with interfacing with ...
Network-Based Cyber Forensics Analyst (NBA) • Assists the Government lead in coordinating teams in preliminary incident response investigations • Assists the Government lead with interfacing with ...
Cyber Network Defense Analyst (CNDA) III - Cloud Forensics
Arlington, VA · On-site
$95K - $135K/yr
Cyber Network Defense Analyst (CNDA) - Cloud Forensics Location: Remote / Onsite (as required) Clearance: Active TS/SCI (DHS EOD eligibility required) Company: Argo Cyber Systems, LLC - A Service ...
Quick apply
Cyber Network Defense Analyst (CNDA) III - Cloud Forensics
Arlington, VA · On-site
$95K - $135K/yr
Cyber Network Defense Analyst (CNDA) - Cloud Forensics Location: Remote / Onsite (as required) Clearance: Active TS/SCI (DHS EOD eligibility required) Company: Argo Cyber Systems, LLC - A Service ...
Cyber Network Defense Analyst (CNDA) III - Cloud Forensics
Arlington, VA · On-site
$95K - $135K/yr
Cyber Network Defense Analyst (CNDA) - Cloud Forensics Location: Remote / Onsite (as required) Clearance: Active TS/SCI (DHS EOD eligibility required) Company: Argo Cyber Systems, LLC - A Service ...
Cyber Network Defense Analyst (CNDA) III - Cloud Forensics
Arlington, VA · On-site
$95K - $135K/yr
Cyber Network Defense Analyst (CNDA) - Cloud Forensics Location: Remote / Onsite (as required) Clearance: Active TS/SCI (DHS EOD eligibility required) Company: Argo Cyber Systems, LLC - A Service ...
Perform malware triage and analysis to support incident response and threat mitigation efforts ... Experience mentoring analysts in cyber forensics and investigative techniques Security Clearance:
Perform malware triage and analysis to support incident response and threat mitigation efforts ... Experience mentoring analysts in cyber forensics and investigative techniques Security Clearance:
Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...
Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...
Cyber Forensics Analyst information
See salary details
$69.5K - $77.2K
22% of jobs
$77.8K is the 25th percentile. Wages below this are outliers.
$77.2K - $85K
36% of jobs
$85K - $92.7K
1% of jobs
$92.7K - $100.4K
0% of jobs
$100.4K - $108.1K
10% of jobs
$113.4K is the 75th percentile. Wages above this are outliers.
$108.1K - $115.9K
9% of jobs
$115.9K - $123.6K
0% of jobs
$123.6K - $131.3K
1% of jobs
$131.3K - $139K
5% of jobs
$139K - $146.8K
9% of jobs
$146.8K - $154.5K
7% of jobs
$69.5K
$101.6K
$154.5K
How much do cyber forensics analyst jobs pay per year?
As of Jun 8, 2026, the average yearly pay for cyber forensics analyst in the United States is $101,608.00, according to ZipRecruiter salary data. Most workers in this role earn between $78,500.00 and $132,000.00 per year, depending on experience, location, and employer.
What is the difference between Cyber Forensics Analyst vs Cyber Security Analyst?
| Aspect | Cyber Forensics Analyst | Cyber Security Analyst |
|---|---|---|
| Certifications | GCFA, GCFE, CISSP | CISSP, CompTIA Security+ |
| Work Environment | Investigations, incident response, legal settings | Network security, threat monitoring, prevention |
| Employer & Industry | Law enforcement, legal firms, cybersecurity firms | Businesses, government agencies, IT departments |
Cyber Forensics Analysts focus on investigating cybercrimes, analyzing digital evidence, and supporting legal cases. Cyber Security Analysts primarily work to protect systems, monitor threats, and prevent attacks. While both roles require cybersecurity knowledge and certifications, their daily tasks and work environments differ significantly.
What are the key skills and qualifications needed to thrive as a Cyber Forensics Analyst, and why are they important?
To thrive as a Cyber Forensics Analyst, you need a thorough understanding of digital forensics, cybersecurity principles, and incident response, usually backed by a degree in computer science or a related field. Familiarity with forensic analysis tools such as EnCase, FTK, and proficiency in handling evidence according to legal standards are crucial, along with certifications like GCFA or CCE. Strong analytical thinking, attention to detail, and effective communication skills help analysts interpret complex data and present findings clearly to stakeholders. These skills and qualifications are vital for accurately investigating cyber incidents, preserving evidence integrity, and supporting legal or organizational actions.
What are Cyber Forensics Analysts?
Cyber Forensics Analysts are professionals who investigate and analyze digital data to uncover evidence related to cybercrimes. They use specialized tools and techniques to recover, preserve, and examine data from computers, networks, and electronic devices. Their work supports legal investigations, helping law enforcement or organizations understand how a security breach or crime occurred. Cyber Forensics Analysts also prepare detailed reports and may be called to testify in court about their findings.
What are the common challenges faced by Cyber Forensics Analysts when collecting digital evidence?
Cyber Forensics Analysts often face challenges such as ensuring the integrity of digital evidence during collection, dealing with encrypted or damaged devices, and working under tight timelines due to the urgency of investigations. Maintaining a clear chain of custody and adhering to legal protocols is critical to ensure evidence is admissible in court. Additionally, analysts must stay updated on rapidly evolving technologies and cyber threats, which can complicate evidence extraction and analysis.
More about Cyber Forensics Analyst jobs
What cities are hiring for Cyber Forensics Analyst jobs? Cities with the most Cyber Forensics Analyst job openings:
Who are the top companies hiring for Cyber Forensics Analyst jobs? The top employers for Cyber Forensics Analyst jobs are:
What states have the most Cyber Forensics Analyst jobs? States with the most job openings for Cyber Forensics Analyst jobs include:
What job categories do people searching Cyber Forensics Analyst jobs look for? The top searched job categories for Cyber Forensics Analyst jobs are:
What are popular job titles related to Cyber Forensics Analyst jobs? For Cyber Forensics Analyst jobs, the most frequently searched job titles are:
Job description
ECS is seeking a Cyber Forensics Analyst to work in our Portland, OR office.
The Forensics Analyst Mid performs hands-on forensic analysis and malware investigation activities in support of SOC security investigations, incident response, routine memory checks, and advanced threat hunting. This role uses industry-standard forensic tools and strong investigative skills to collect, analyze, and document technical evidence.
The ideal candidate has solid cybersecurity experience, strong written communication skills, and the ability to operate resourcefully and independently while coordinating with SOC teams, data centers, and senior forensic personnel during investigations.
Key Responsibilities
Digital Forensics and Investigation
Malware Analysis and IOC Development
SOC and Incident Response Support
Reporting and Collaboration
The Forensics Analyst Mid performs hands-on forensic analysis and malware investigation activities in support of SOC security investigations, incident response, routine memory checks, and advanced threat hunting. This role uses industry-standard forensic tools and strong investigative skills to collect, analyze, and document technical evidence.
The ideal candidate has solid cybersecurity experience, strong written communication skills, and the ability to operate resourcefully and independently while coordinating with SOC teams, data centers, and senior forensic personnel during investigations.
Key Responsibilities
Digital Forensics and Investigation
- Perform forensic analysis using industry-standard forensic tools and open-source DFIR utilities.
- Assist with forensic investigations involving endpoints, servers, malware, and cyber incidents.
- Analyze Windows Registry, Windows System Calls, Linux artifacts, file system data, logs, and memory artifacts.
- Create findings and technical notes that support investigative conclusions and remediation actions.
Malware Analysis and IOC Development
- Analyze malware in a lab environment using standard malware analysis techniques.
- Create IOCs based on forensic and malware findings for sharing with SOC and security teams.
- Support Java code de-obfuscation and technical analysis activities within the analyst skill level.
- Escalate complex malware or reverse-engineering requirements to senior analysts or the FMAT Lead.
SOC and Incident Response Support
- Assist the SOC with security investigations and incident response activities.
- Conduct routine memory checks on Linux and Windows servers as directed.
- Support proactive malware analysis, incident response, and advanced threat hunting activities.
- Communicate with different teams and data centers during investigations.
Reporting and Collaboration
- Create clear investigation reports, forensic summaries, and supporting documentation.
- Communicate findings effectively to SOC analysts, incident responders, data center teams, and leadership.
- Apply strong investigative, research, and problem-solving skills to ambiguous technical issues.
- Contribute to repeatable forensic procedures, knowledge sharing, and continuous process improvement.
- U.S. Citizenship with ability to obtain and maintain a DOE "L" clearance after start.
- 5 to 8 years of experience in cybersecurity, digital forensics, incident response, or related cyber investigation work.
- Experience performing forensic analysis using industry-standard forensic tools and open-source tools.
- Familiarity with Windows Registry, Windows System Calls, Linux operating systems, and Java code de-obfuscation.
- Hands-on experience with Volatility or other memory forensics tools, FTK, and Wireshark.
- Ability to create IOCs based on forensic analysis and share them with other security teams.
- Ability to analyze malware in a lab environment using standard malware analysis techniques.
- Experience performing or supporting forensic investigations and incident response activities.
- Excellent written communication, resourcefulness, investigative ability, research skills, and problem-solving skills.