1

Forensics Jobs Jobs (NOW HIRING)

Digital Forensics SME

Rockville, MD · On-site

$140K - $184K/yr

Description Digital Forensics Subject Matter Expert Location: Rockville, MD Position Overview: The Digital Forensics SME provides advanced digital forensics and incident response (DFIR) expertise ...

Description Digital Forensics Subject Matter Expert Location: Rockville, MD Position Overview: The Digital Forensics SME provides advanced digital forensics and incident response (DFIR) expertise ...

We are seeking experienced Host Forensics Analysts to provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. Eligibility:

Responsibilities Peraton is seeking a Digital Forensics Examiner in our Linthicum, MD office in support of our Department of Defense (DoD) customer as part of a highly talented, highly motivated, and ...

About the Role Culmen International is seeking Forensics Advisors and Instructors to support global criminal justice training and advising requirements. These positions can be located all around the ...

Digital Forensics Subject Matter Expert Location: Rockville, MD Position Overview: The Digital Forensics SME provides advanced digital forensics and incident response (DFIR) expertise, supporting ...

next page

Showing results 1-20

Forensics Jobs information

See salary details

$43.5K

$115.4K

$167.5K

How much do forensics jobs jobs pay per year?

As of Jul 7, 2026, the average yearly pay for forensics jobs in the United States is $115,449.00, according to ZipRecruiter salary data. Most workers in this role earn between $97,000.00 and $134,500.00 per year, depending on experience, location, and employer.

Mobile Threat & Forensics Analyst

SPECIAL AEROSPACE SECURITY SERVICES INC

Washington, DC • On-site

Full-time

Re-posted 17 days ago


Job description

Mobile Threat & Forensics Analyst

Location: Arlington, VA (Hybrid: Onsite & Remote)
Clearance Required: Active Secret Clearance Required (TS/SCI strongly preferred)
Employment Type: Full-Time, Regular


Position Overview

Special Aerospace Security Services, Inc. (SASSI) is seeking a highly motivated Mobile Threat & Forensics Analyst to support a U.S. Government customer in delivering advanced mobile security, malware analysis, digital forensics, and incident response support services within enterprise cybersecurity environments.

This position supports evolving cybersecurity operations focused on mobile threats, advanced forensic investigations, malware analysis, phishing investigations, mobile application analysis, and proactive threat identification activities across both traditional and mobile platforms. The selected candidate will work closely with cybersecurity operations, threat intelligence, incident response, and enterprise security teams to support investigative, analytical, and operational cybersecurity missions.

SASSI is seeking candidates capable of supporting complex investigative and analytical activities with minimal oversight while operating within fast-paced operational environments supporting federal cybersecurity missions.

Work Environment

This is a hybrid position requiring a combination of onsite support in Arlington, VA and remote work.

Candidates must be able to:

  • Maintain availability during core business hours (Monday–Friday)
  • Support onsite mission requirements, classified work, and collaborative operational activities
  • Participate in incident response, investigative, and operational activities as required
  • Remain responsive and engaged during remote support activities through Microsoft Teams, email, and other communication platforms

Key Responsibilities

  • Perform malware analysis utilizing static and dynamic analysis techniques to identify malicious behavior, persistence mechanisms, attack vectors, and indicators of compromise (IOCs)
  • Conduct digital forensic analysis of systems, removable media, and mobile devices involved in cybersecurity incidents or investigations
  • Perform mobile device forensic analysis across iOS and Android platforms utilizing forensic acquisition and analysis tools
  • Investigate phishing emails, malicious attachments, suspicious URLs, spoofed domains, and command-and-control (C2) communications
  • Analyze mobile applications, APK/IPA files, suspicious software, and mobile-specific attack techniques
  • Capture and analyze volatile memory, logs, browser artifacts, system activity, and forensic evidence from compromised devices and systems
  • Support proactive threat identification, mobile threat analysis, and investigative activities across enterprise environments
  • Develop indicators of compromise (IOCs), signatures, YARA rules, detection logic, and analytical findings to support threat detection and incident response
  • Collaborate with cybersecurity operations, threat intelligence, vulnerability management, and incident response teams
  • Prepare technical reports, forensic findings, investigative summaries, and operational briefings
  • Maintain proper evidence handling, chain-of-custody, and investigative documentation procedures
  • Support analysis of emerging threats, malware trends, and mobile security risks impacting enterprise environments

Required Qualifications (Mid-Level)

  • U.S. Citizenship required
  • Active Secret clearance required
  • Bachelor’s degree in Cybersecurity, Computer Science, Digital Forensics, Information Technology, Computer Engineering, or related discipline (equivalent experience considered)
  • Minimum 5 years of experience supporting cybersecurity operations, malware analysis, digital forensics, incident response, mobile security, or related investigative activities
  • Experience supporting forensic investigations involving Windows, Linux, iOS, and/or Android platforms
  • Experience analyzing phishing emails, malicious files, suspicious URLs, and indicators of compromise
  • Familiarity with malware analysis concepts, digital forensic methodologies, and incident response procedures
  • Experience utilizing cybersecurity and forensic tools such as:
    • Cellebrite
    • FTK
    • EnCase
    • Volatility
    • Wireshark
    • IDA Pro
    • Ghidra
    • X-Ways
    • VirusTotal
    • Sandbox analysis platforms
  • Understanding of operating systems, file systems, executable formats, and network protocols
  • Experience with scripting or automation using Python, PowerShell, Bash, or similar languages
  • Strong analytical, investigative, documentation, and communication skills
  • Ability to work independently within operational cybersecurity environments

Preferred Qualifications (Senior-Level Experience)

Candidates possessing one or more of the following advanced qualifications are strongly preferred:

  • 8+ years of experience supporting malware analysis, mobile security, digital forensics, threat hunting, or incident response operations
  • Advanced experience conducting mobile forensic investigations across iOS and Android platforms
  • Experience with advanced mobile extraction methodologies and tools such as:
    • Cellebrite Premium
    • GrayKey
    • Oxygen Forensics
  • Experience performing reverse engineering and analysis of malicious mobile applications, APK/IPA files, and mobile malware
  • Experience analyzing nation-state, spyware, or advanced persistent threat (APT) activity targeting mobile platforms
  • Familiarity with Android and iOS internals, mobile operating system artifacts, SQLite databases, plist files, logs, and mobile telemetry
  • Experience supporting enterprise mobile security initiatives, including Mobile Device Management (MDM) or Enterprise Mobility Management (EMM) environments
  • Experience performing proactive threat hunting, detection engineering, or advanced forensic analysis activities
  • Experience supporting classified, federal, or national security cybersecurity environments
  • Ability to mentor junior analysts and support complex investigative or incident response activities with minimal oversight

Preferred Certifications

One or more of the following certifications is preferred:

  • GREM
  • GCFA
  • GNFA
  • GCIH
  • GCED
  • CISSP
  • CASP+
  • CySA+
  • Security+
  • CREA
  • OSCP / OSEP
  • CEH

Desired Technical Skills

  • Malware analysis and reverse engineering
  • Mobile device forensics
  • Mobile malware analysis
  • Digital forensics and incident response
  • Threat hunting and threat analysis
  • Phishing and email analysis
  • URL/domain analysis
  • Network traffic analysis
  • Enterprise cybersecurity operations
  • Scripting and automation
  • Threat intelligence and IOC development
  • MITRE ATT&CK framework familiarity