ZipRecruiter

Log In

1

Network Forensics Jobs (NOW HIRING)

Cybervance

Forensics Analyst Lead

Portland, OR

Lead and oversee all digital forensic investigations across endpoint, server, network, cloud, and mobile environments. * Establish forensic standards, methodologies, and toolsets. * Act as the ...

Cybervance, Inc

Forensics Analyst Lead

Portland, OR · On-site +1

Lead and oversee all digital forensic investigations across endpoint, server, network, cloud, and mobile environments. * Establish forensic standards, methodologies, and toolsets. * Act as the ...

Nwis

Cyber Network Forensic Analyst II

Sterling, VA

Nightwing is seeking a Network Forensics Analyst to support this critical customer mission. Responsibilities: - Assists the Government lead in coordinating teams in preliminary incident response ...

Nwis

Cyber Network Forensic Analyst II

Sterling, VA · On-site

Nightwing is seeking a Network Forensics Analyst to support this critical customer mission. Responsibilities: - Assists the Government lead in coordinating teams in preliminary incident response ...

next page

Showing results 1-20

All JobsNetwork Forensics Jobs

Network Forensics information

See salary details

$22K

$106.6K

$162.5K

How much do network forensics jobs pay per year?

As of Jun 9, 2026, the average yearly pay for network forensics in the United States is $106,570.00, according to ZipRecruiter salary data. Most workers in this role earn between $80,500.00 and $128,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in the Network Forensics position, and why are they important?

To thrive in Network Forensics, you need strong analytical abilities, in-depth knowledge of networking protocols, cybersecurity concepts, and a degree in computer science or a related field. Familiarity with tools such as Wireshark, EnCase, FTK, and certifications like GCFA or CFCE is highly valuable. Attention to detail, critical thinking, and effective communication skills are essential soft qualities for this role. These skills enable professionals to accurately investigate network incidents, interpret digital evidence, and collaborate efficiently with technical and non-technical stakeholders.

What are the typical day-to-day responsibilities for someone working in Network Forensics?

Network Forensics professionals spend their days analyzing network traffic, identifying security breaches or anomalous activities, and reconstructing the timeline of events using specialized forensic tools. They often collaborate with IT security teams, law enforcement, or legal departments to gather, preserve, and report on digital evidence. Preparing detailed documentation and presenting findings clearly to both technical and non-technical audiences is also a vital part of the job. This role can involve responding to incidents in real time as well as conducting thorough post-incident investigations, making adaptability and a meticulous approach important for success.

What is a Network Forensics job?

A Network Forensics job involves analyzing network traffic to detect, investigate, and mitigate cybersecurity incidents. Professionals in this role collect and examine digital evidence to identify security breaches, malicious activities, or policy violations. They use specialized tools to track intrusions, reconstruct cyberattacks, and support legal proceedings if necessary. This role is crucial for maintaining network security, preventing data breaches, and ensuring compliance with cybersecurity regulations.

More about Network Forensics jobs
What cities are hiring for Network Forensics jobs? Cities with the most Network Forensics job openings:
What are the most commonly searched types of Network Forensics jobs? The most popular types of Network Forensics jobs are:
What states have the most Network Forensics jobs? States with the most job openings for Network Forensics jobs include:
What job categories do people searching Network Forensics jobs look for? The top searched job categories for Network Forensics jobs are:
Network Forensics jobs near you
Infographic showing various Network Forensics job openings in the United States as of May 2026, with employment types broken down into 1% Locum Tenens, and 99% Full Time. Highlights an 93% Physical, 2% Hybrid, and 5% Remote job distribution, with an average salary of $106,570 per year, or $51.2 per hour.

Network Forensics Cybersecurity Analyst

NewGen

Arlington, VA • On-site

Full-time

Posted 23 days ago

Job description

Our Partner provides support for on and offsite incident response to Government agencies and critical infrastructure owners who experience cyber-attacks. They provide advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation, using host and network-based cybersecurity analysis capabilities. Personnel perform investigations to characterize the level of severity of breaches and develop mitigation/remediation plans. They are seeking Network Forensics Cybersecurity Analysts to support this critical customer mission.
Responsibilities
  • Assist the Government lead in coordinating teams in preliminary incident response investigations
  • Assist the Government lead with interfacing with the customer while on site
  • Determine appropriate courses of actions in response to identified and analyzed anomalous network activity
  • Assess network topology and device configurations identifying critical security concerns and providing security best practice recommendations
  • Assist with the writing and publishing of Computer Network Defense guidance and report on incident findings to appropriate constituencies
  • Collect network intrusion artifacts (e.g., PCAP, domains, URI's, certificates, etc.) and use discovered data to enable mitigation of potential Computer Network Defense incidents
  • Analyze identified malicious network activity to determine weaknesses exploited, exploitation methods, effects on system and information
  • Collect network device integrity data and analyze for signs of tampering or compromise
  • Assist with real-time CND incident handling (i.e., forensic collections, intrusion correlation and tracking, threat analysis, and advising on system remediation) tasks to support onsite engagements
Requirements
  • U.S. Citizenship
  • Active TS/SCI Clearance
    - Must be able to obtain DHS Suitability
  • BS Computer Science, Cyber Security, Computer Engineering, or related degree; or HS Diploma & 4-6 years of network investigations experience
  • 2+ years of directly relevant experience in network investigations
  • In depth knowledge of CND policies, procedures and regulations
  • In depth knowledge of TCP/IP protocols
  • In depth knowledge of standard protocols - ICMP, HTTP/S, DNS, SSH, SMTP, SMB, NFS, etc.
  • In depth knowledge and experience of Wifi networking
  • In depth knowledge and experience of network topologies - DMZ's, WAN's, etc.
  • Substantial knowledge of Splunk (or other SIEM's)
  • Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
  • Knowledge of Computer Network Defense policies, procedures, and regulations
  • Knowledge of defense-in-depth principles and general attack stages with respect to network security architecture
  • Ability to characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
  • Ability to identify and analyze anomalies in network traffic using metadata
  • Experience with reconstructing a malicious attack or activity based on network traffic
  • Experience examining network topologies to understand data flows through the network
  • Must be able to work collaboratively across physical locations
Desired Skills
  • Substantial knowledge of network device integrity concepts and methodologies
  • Proficiency with network analysis software (e.g. Wireshark)
  • Proficiency with carving and extracting information from PCAP data
  • Proficiency with non-traditional network traffic (e.g. Command and Control)
  • Proficiency with preserving evidence integrity according to standard operating procedures or national standards
  • Proficiency with designing cyber security systems and environments in a Linux and/or Windows environment
  • Proficiency with virtualized environments
  • Certifications:
    • DoD 8140.01 IAT Level II, IASAE II, CSSP Analyst
    • DoD 8140.01 GCIA, GCIH, CSSP Analyst/CSSP Incident Responder
    • DoD 8140.01 CEH, CSSP Analyst
    • SANS GIAC GNFA preferred

About Us
For more than 20 years, NewGen Technologies has solved our clients' toughest IT challenges with integrity, security, and outstanding service by delivering both technology and talent. We have helped secure borders, have used artificial intelligence (AI) to fight terror, aided the identification of criminals, and have helped to prevent crime through the introduction of biometrics. Our team of Highly Cleared Specialists have hard-to-find skills and expertise in a wide spectrum of technologies to provide solutions that transform business processes and solve problems of national significance. #CJ

Apply