Cyber Defense Forensics Lead - Clearance Required

Overview Cydecor is a premier Federal Government solutions provider, delivering differentiated innovations in mission systems and business platforms. We leverage leading-edge secure systems and software development, backed by industry-leading subject matter expertise, and business intelligence to enable decision-support and remain ahead of ever-evolving national security challenges. Our success rests squarely on three bedrock principles: People, our center of gravity; Mission, what inspires us; and an unyielding commitment to Excellence, what separates us. Job Description We are seeking an experienced Cyber Defense Forensics Lead to lead enterprise digital forensics and investigative operations within a 24/7 SOC environment, providing technical expertise, operational oversight, and strategic direction across cyber defense, incident response, and insider threat investigations. Responsibilities Lead digital forensics investigations across enterprise environments, ensuring accurate analysis and timely incident containment Conduct host-based and network-based forensic analysis to identify malicious activity, root cause, and scope of compromise Perform malware triage and analysis to support incident response and threat mitigation efforts Lead insider threat investigations, including detection, analysis, and escalation of suspicious or malicious user activity Ensure strict adherence to evidence handling procedures, including chain-of-custody requirements and forensic integrity standards Collect, preserve, analyze, and document digital evidence in support of investigative and legal processes Develop and maintain forensic workflows, investigative methodologies, and standard operating procedures Create dashboards, reports, and visualizations to support forensic investigations and SOC visibility Analyze anomalous system and user behavior to identify potential insider threats or advanced adversary activity Utilize forensic tools, SIEM platforms, endpoint detection and response (EDR), and intrusion detection systems (IDS) to support investigations Support incident response teams by providing forensic expertise during active security incidents Correlate forensic findings with threat intelligence to enhance detection and response capabilities Provide mentorship and technical guidance to junior analysts and investigators Coordinate with cross-functional teams including threat intelligence, incident response, and SOC operations Ensure compliance with federal cybersecurity standards, policies, and investigative requirements Support reporting and escalation of security incidents to appropriate stakeholders and leadership Required Qualifications Bachelor’s degree Minimum of 7 years of experience in cybersecurity, digital forensics, or incident response Minimum of 5 years of hands‑on experience conducting host-based and network-based security monitoring and forensic analysis Strong experience identifying and analyzing anomalous activity, insider threats, and advanced cyber threat behaviors Hands‑on experience with forensic tools, SIEM platforms, EDR solutions, IDS/IPS, and security operations workflows Experience supporting incident response efforts, including threat containment, eradication, and recovery Strong understanding of evidence handling, chain-of-custody procedures, and forensic investigation best practices Experience developing forensic reports, dashboards, and workflow documentation Ability to analyze large data sets and correlate findings across multiple sources Strong understanding of cybersecurity principles, threats, and attack methodologies Experience handling sensitive or classified information in accordance with federal security standards Desired Qualifications GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), GIAC Certified Incident Handler (GCIH), or an equivalent certification Experience supporting insider threat programs or user activity monitoring (UAM) initiatives Experience working in a 24/7 SOC or federal cybersecurity operations environment Familiarity with threat intelligence integration and adversary TTP analysis Experience building or enhancing forensic capabilities within enterprise environments Experience mentoring analysts in cyber forensics and investigative techniques Security Clearance Active TS/SCI (or TS with SCI eligibility) Education Bachelor’s degree Work Schedule Monday‑Friday, Hybrid Compensation & Benefits Cydecor offers a comprehensive compensation package including Health and Dental Insurance, Vision and Life Insurance, Short‑Term & Long‑Term Disability, 401(K) + company match, Paid Time Off (PTO), Paid Company Holidays, Tuition and Professional Development Assistance and more. Equal Employment Opportunity Statement Cydecor is an Equal Employment Opportunity/Affirmative Action Employer (EEO/AA). All employment and hiring decisions are based on qualifications, merit, and business needs without regard to race, religion, color, sexual orientation, nationality, gender, ethnic origin, disability, age, sex, gender identity & expression, veteran status, marital status, or any other characteristic protected by applicable law. If you are a qualified individual with a disability and/or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to access job openings or apply for a job on this site because of your disability. You can request assistance by contacting or calling 703‑884‑2105. #J-18808-Ljbffr