Full Time Cyber Forensics Jobs (NOW HIRING)

Everforth ECS is seeking a Cyber Defense Forensics Analysts - Mid to work in our Washington, DC ... The position is full time/permanent and will support a US Government civilian agency. The position ...

... SOC experience and forensic expertise, working closely with skilled Red Teamers to identify and counter advanced adversary techniques. This is a full-time position with the Leidos Cyber ...

Full Time Cyber Forensics information

Salary details: $69.5K / $101.6K / $154.5K

How much do full time cyber forensics jobs pay per year?

As of Jul 3, 2026, the average yearly pay for full time cyber forensics in the United States is $101,608.00, according to ZipRecruiter salary data. Most workers in this role earn between $78,500.00 and $132,000.00 per year, depending on experience, location, and employer.

What is the difference between Full Time Cyber Forensics vs Cyber Security Analyst?

| Aspect | Full Time Cyber Forensics | Cyber Security Analyst |
| --- | --- | --- |
| Certifications | EnCE, GCFA, CISSP (preferred) | CISSP, CompTIA Security+ |
| Work Environment | Investigative labs, law enforcement agencies, corporate security teams | Network operations centers, corporate offices, security teams |
| Employer & Industry | Law enforcement, government, private forensics firms | Businesses, government agencies, IT firms |

Full Time Cyber Forensics focuses on investigating cybercrimes, analyzing digital evidence, and working closely with law enforcement. Cyber Security Analysts primarily monitor, prevent, and respond to security threats in real-time. While both roles require cybersecurity knowledge and certifications, forensics emphasizes evidence collection and legal procedures, whereas analysts focus on proactive defense and threat mitigation.

Infographic showing various Full Time Cyber Forensics job openings in the United States as of June 2026, with employment types broken down into 40% As Needed, 40% Full Time, and 20% Nights. Highlights a 98% Physical, 1% Hybrid, and 1% Remote job distribution, with an average salary of $101,608 per year, or $48.9 per hour.

Cyber Defense Forensics Analysts - Mid

ECS

Washington, DC • On-site

$102K - $117K/yr

Full-time

Posted 19 days ago


Job description

Everforth ECS is seeking a Cyber Defense Forensics Analysts - Mid to work in our Washington, DC office.
Position Summary:
ECS Federal is a leading information security and information technology company in Washington, DC. We are looking to hire a mid-level Cyber Defense Forensics Analyst to support a full range of cyber security services on a long-term contract in Washington DC. The position is full time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.
Security Clearance Requirement:
  • Active Secret clearance

Job Requirements:
  • Strong written and verbal communication skills.
  • Create detections and automation to detect, contain, eradicate, and recover from security threats.
  • Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques.
  • Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTPs (Tactics, Techniques, and Procedures).
  • Conduct proactive hunts through enterprise networks, endpoints, or datasets in order to detect malicious, suspicious, or risky activities that have evaded detection by existing tools.
  • Solid knowledge of TCP/IP networking, and network services such as DNS, SMTP, DHCP, etc.
  • Solid understanding of attacker tradecraft associated with email, app-based, cloud threats and the ability to apply defensive tactics to protect against threats.
  • Good knowledge of operating system internals and OS security mitigations, and an understanding of security challenges in Windows, Linux, Mac, Android & iOS platforms.
  • Experience using forensic tools (e.g., EnCase, Sleuthkit, FTK).
  • Ability to perform deep analysis of captured malicious code (e.g., malware forensics).
  • Skill in analyzing anomalous code as malicious or benign.
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Incorporate agile, threat intelligence-driven or hypothesis-based threat hunting, and the MITRE ATT&CK framework to identify and prioritize development of missing or ineffective detection capabilities to detect, prevent, and respond to cyber events originating from threat actors.

Certifications/Licenses:
  • Bachelor's degree or higher
  • 5+ years performing cyber threat hunting and forensics support for incident response.
  • Certifications addressing identification of malicious system and user activity, incident response in an enterprise environment, timeline artifact analysis, timeline collection, timeline processing, volatile data collection, analysis of profiling of systems and devices, analysis of file and program activity, acquisition, preparation, and preservation of digital evidence, analysis of user communications, advanced IDS concepts, applications protocols, concepts of TCP/IP and the link layer, DNS, fragmentation, IDS fundamentals and initial deployment (e.g., snort, bro), IDS rules (e.g., snort, bro), IPv6, network architecture and event correlation, network traffic analysis and forensics, or packet engineering.
  • Active Secret clearance or higher

Salary Range: $102,600 - $117,500
General Description of Benefits
Position Responsibilities:
  • Identify threat tactics, methodologies, gaps, and shortfalls aligned with the MITRE ATT&CK Framework and the Azure Threat Research Matrix (ATRM).
  • Perform Hypothesis-based or Intelligence-based Cyber Threat Hunts to identify threats and risks within environments.
  • Use cloud-native techniques and methods to identify and create threat detections for automated response activities.
  • Use Agile methodology to organize intelligence, hunts and project status.
  • Be able to independently research intelligence reports to find actionable data for conducting intel or hypothesis-based hunts.
  • Explore and correlate large data sets to uncover novel attack techniques, monitor and catalog changes in activity group tradecraft, and investigate alerts for enterprise customers.
  • Conduct analysis of log files, evidence, and other information to determine best methods for identifying the perpetrator(s) of a network intrusion.
  • Confirm what is known about an intrusion and discover new information, if possible, after identifying intrusion via dynamic analysis.
  • Create a forensically sound duplicate of the evidence (i.e., forensic image) that ensures the original evidence is not unintentionally modified, to use for data recovery and analysis processes.
  • Provide a technical summary of findings in accordance with established reporting procedures.
  • Ensure that chain of custody is followed for all digital media acquired in accordance with the Federal Rules of Evidence.
  • Recognize and accurately report forensic artifacts indicative of a particular operating system.
  • Extract data using data carving techniques (e.g., Forensic Tool Kit [FTK], Foremost).
  • Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.