1

Cyber Forensics Analyst Jobs (NOW HIRING)

ECS is seeking a Cyber Forensics Analyst to work in our Portland, OR office. Note: This position is contingent upon contract award. The Forensics Analyst Mid performs hands-on forensic analysis and ...

Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...

... forensics findings - Experience with the analysis and characterization of cyber attacks - Experience with proper evidence handing procedures and chain of custody protocols - Skilled in identifying ...

Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...

Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...

... forensics findings - Experience with the analysis and characterization of cyber attacks - Experience with proper evidence handing procedures and chain of custody protocols - Skilled in identifying ...

Nightwing is seeking a Host Forensics Analyst to support this critical customer mission ... in cyber forensic investigations using leading edge technologies and industry standard forensic ...

Two years of experience as a Cyber Forensics Analyst. * Two years of demonstrated experience using at least two different forensic tool suites similar to EnCase, Sleuthkit, FTK, X-WAYS, REKALL or ...

Conduct cyber forensics, to include the acquisition, chain of custody, and analysis of electronic evidence from computers, mobile devices, and other digital storage media. * Apply investigation and ...

Conduct cyber forensics, to include the acquisition, chain of custody, and analysis of electronic evidence from computers, mobile devices, and other digital storage media. * Apply investigation and ...

Host Based Systems Analyst IV Description: Solutions³ LLC provides remote and onsite advanced ... Able to write cyber investigative reports documenting digital forensics findings * Experience with ...

next page

Showing results 1-20

Cyber Forensics Analyst information

See salary details

$69.5K

$101.6K

$154.5K

How much do cyber forensics analyst jobs pay per year?

As of Jul 19, 2026, the average yearly pay for cyber forensics analyst in the United States is $101,608.00, according to ZipRecruiter salary data. Most workers in this role earn between $78,500.00 and $132,000.00 per year, depending on experience, location, and employer.

How much do cyber forensic analysts make?

Cyber Forensics Analysts typically earn a median annual salary of around $75,000 to $100,000, depending on experience, certifications, and location. Entry-level analysts may start at lower salaries, while experienced professionals with specialized skills can earn over $120,000 annually.

Can you make $500,000 a year in cyber security?

Cyber Forensics Analysts typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Reaching a $500,000 salary usually requires advanced roles such as senior security executives or consultants with specialized skills and extensive experience, often in leadership or consulting positions. High earnings in cybersecurity are possible but generally involve senior-level roles, bonuses, or profit-sharing arrangements.

What is the difference between Cyber Forensics Analyst vs Cyber Security Analyst?

AspectCyber Forensics AnalystCyber Security Analyst
CertificationsGCFA, GCFE, CISSPCISSP, CompTIA Security+
Work EnvironmentInvestigations, incident response, legal settingsNetwork security, threat monitoring, prevention
Employer & IndustryLaw enforcement, legal firms, cybersecurity firmsBusinesses, government agencies, IT departments

Cyber Forensics Analysts focus on investigating cybercrimes, analyzing digital evidence, and supporting legal cases. Cyber Security Analysts primarily work to protect systems, monitor threats, and prevent attacks. While both roles require cybersecurity knowledge and certifications, their daily tasks and work environments differ significantly.

What are the key skills and qualifications needed to thrive as a Cyber Forensics Analyst, and why are they important?

To thrive as a Cyber Forensics Analyst, you need a thorough understanding of digital forensics, cybersecurity principles, and incident response, usually backed by a degree in computer science or a related field. Familiarity with forensic analysis tools such as EnCase, FTK, and proficiency in handling evidence according to legal standards are crucial, along with certifications like GCFA or CCE. Strong analytical thinking, attention to detail, and effective communication skills help analysts interpret complex data and present findings clearly to stakeholders. These skills and qualifications are vital for accurately investigating cyber incidents, preserving evidence integrity, and supporting legal or organizational actions.

What are Cyber Forensics Analysts?

Cyber Forensics Analysts are professionals who investigate and analyze digital data to uncover evidence related to cybercrimes. They use specialized tools and techniques to recover, preserve, and examine data from computers, networks, and electronic devices. Their work supports legal investigations, helping law enforcement or organizations understand how a security breach or crime occurred. Cyber Forensics Analysts also prepare detailed reports and may be called to testify in court about their findings.

What are the common challenges faced by Cyber Forensics Analysts when collecting digital evidence?

Cyber Forensics Analysts often face challenges such as ensuring the integrity of digital evidence during collection, dealing with encrypted or damaged devices, and working under tight timelines due to the urgency of investigations. Maintaining a clear chain of custody and adhering to legal protocols is critical to ensure evidence is admissible in court. Additionally, analysts must stay updated on rapidly evolving technologies and cyber threats, which can complicate evidence extraction and analysis.

What does a cyber forensic analyst do?

A cyber forensic analyst investigates digital crimes by collecting, analyzing, and preserving electronic evidence from computers, networks, and storage devices. They use specialized tools and techniques to uncover data breaches, cyberattacks, or fraud, often working closely with law enforcement or security teams to support legal proceedings and improve cybersecurity measures.

Can I make $200,000 a year in cyber security?

Cyber Forensics Analysts can potentially earn $200,000 or more annually with extensive experience, advanced certifications, and specialized skills in areas like digital evidence analysis and incident response. High salaries are often associated with senior roles, management positions, or working in high-demand industries and locations, but such earnings are not typical for entry-level positions.
More about Cyber Forensics Analyst jobs
What cities are hiring for Cyber Forensics Analyst jobs? Cities with the most Cyber Forensics Analyst job openings:
Who are the top companies hiring for Cyber Forensics Analyst jobs? The top employers for Cyber Forensics Analyst jobs are:
What states have the most Cyber Forensics Analyst jobs? States with the most job openings for Cyber Forensics Analyst jobs include:
Infographic showing various Cyber Forensics Analyst job openings in the United States as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $101,608 per year, or $48.9 per hour.
Cyber Forensics Analyst

Cyber Forensics Analyst

ECS

Portland, OR • On-site

Full-time

Re-posted 21 days ago


Job description

ECS is seeking a Cyber Forensics Analyst to work in our Portland, OR office. Note: This position is contingent upon contract award.
The Forensics Analyst Mid performs hands-on forensic analysis and malware investigation activities in support of SOC security investigations, incident response, routine memory checks, and advanced threat hunting. This role uses industry-standard forensic tools and strong investigative skills to collect, analyze, and document technical evidence.
The ideal candidate has solid cybersecurity experience, strong written communication skills, and the ability to operate resourcefully and independently while coordinating with SOC teams, data centers, and senior forensic personnel during investigations.
Key Responsibilities
Digital Forensics and Investigation
  • Perform forensic analysis using industry-standard forensic tools and open-source DFIR utilities.
  • Assist with forensic investigations involving endpoints, servers, malware, and cyber incidents.
  • Analyze Windows Registry, Windows System Calls, Linux artifacts, file system data, logs, and memory artifacts.
  • Create findings and technical notes that support investigative conclusions and remediation actions.

Malware Analysis and IOC Development
  • Analyze malware in a lab environment using standard malware analysis techniques.
  • Create IOCs based on forensic and malware findings for sharing with SOC and security teams.
  • Support Java code de-obfuscation and technical analysis activities within the analyst skill level.
  • Escalate complex malware or reverse-engineering requirements to senior analysts or the FMAT Lead.

SOC and Incident Response Support
  • Assist the SOC with security investigations and incident response activities.
  • Conduct routine memory checks on Linux and Windows servers as directed.
  • Support proactive malware analysis, incident response, and advanced threat hunting activities.
  • Communicate with different teams and data centers during investigations.

Reporting and Collaboration
  • Create clear investigation reports, forensic summaries, and supporting documentation.
  • Communicate findings effectively to SOC analysts, incident responders, data center teams, and leadership.
  • Apply strong investigative, research, and problem-solving skills to ambiguous technical issues.
  • Contribute to repeatable forensic procedures, knowledge sharing, and continuous process improvement.

  • U.S. Citizenship with ability to obtain and maintain a DOE "L" clearance after start.
  • 5 to 8 years of experience in cybersecurity, digital forensics, incident response, or related cyber investigation work.
  • Experience performing forensic analysis using industry-standard forensic tools and open-source tools.
  • Familiarity with Windows Registry, Windows System Calls, Linux operating systems, and Java code de-obfuscation.
  • Hands-on experience with Volatility or other memory forensics tools, FTK, and Wireshark.
  • Ability to create IOCs based on forensic analysis and share them with other security teams.
  • Ability to analyze malware in a lab environment using standard malware analysis techniques.
  • Experience performing or supporting forensic investigations and incident response activities.
  • Excellent written communication, resourcefulness, investigative ability, research skills, and problem-solving skills.