Returning Candidate? Log back in! Cyber Defense Forensics Lead Location US-VA-Ashburn ID 2025-1550 Category Cybersecurity Position Type Full-Time Description

Tyto Athene is searching for a Cyber Defense Forensics Lead to support a law enforcement customer in Ashburn, VA. You will play a critical role in leading in-depth analyses and responding to incidents from cyber threats facing our clients. In addition to being our initial point of contact for end users, you will serve as the escalation point for other analysts, helping guide them through more complex and high-priority incidents.

Responsibilities:

Lead cross-functional teams to perform in-depth analysis and investigation of high-priority cybersecurity incidentsUtilize security tools to analyze, investigate, and triage security alertsCoordinate the monitoring of our customers environments, including cloud and SaaS solutions for evidence of adversarial activityUtilize advanced tools, such as digital forensics or malware analysis capabilities, to identify incidents’ root causes, scope, and impactCollaborate with cyber threat hunting and cyber threat intelligence teamsServe as the primary incident point of contact with law enforcement, third-party vendors, and other external partiesCoordinating tasking from Federal leadershipConduct post-incident analysis and lessons learned to identify improvement opportunitiesDevelop or tune detection rules or signatures to improve the effectiveness of security monitoring and collaborate with engineering teams to implement themAccurately document triage findings, and intake reports of external cybersecurity events from SOC customers via phone or email in the SOCs Incident Management System(IMS)Learn new open and closed-source investigative techniquesPerform research on emerging threats and vulnerabilities to aid their prevention and mitigationAssist in developing and implementing initiatives that will enhance the SOC’s performance (e.g., SOPs, playbooks, capability deployments)Escalate SOC performance issues or risks to managementProvide guidance and mentorship to Tier 1 and Tier 2 SOC Analysts to enhance their skills and capabilities Qualifications Required:

Minimum of seven (7) years professional cybersecurity experience with strong expertise in incident response, insider threat investigations, forensics, and threat analysis.

Minimum of five (5) years hands-on security operations experience, with experience in the last two years including:

Host-based and network-based monitoring

Insider threat detection tools

Host-based forensic tools

SIEM platforms

Intrusion detection and analysis capabilities

Endpoint threat detection tools

Security operations ticketing tools

Proven experience identifying and analyzing anomalous security activities.

Demonstrated ability to create insider-threat dashboards, reports, and workflows.

Strong experience capturing evidence, documenting results, and escalating issues when necessary.

Experience mentoring and training junior team members.

Strong understanding of confidentiality, integrity, and availability (CIA triad) principles and best practices.

Desired:

CISSP - Certified Information Systems Security ProfessionalGCFA - GIAC Certified Forensic AnalystGCFE - GIAC Certified Forensic ExaminerGREM - GIAC Reverse Engineering MalwareGNFA - GIAC Network Forensic Analyst

Clearance:

TS/SCI Clearance required About Tyto Athene

Compensation:

Compensation is unique to each candidate and relative to the skills and experience they bring to the position. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.

Benefits:

Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave.

 

Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains—Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT—empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.  At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto?  Tyto Athene, LLC is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, [sexual orientation, gender identity,] national origin, disability, status as a protected veteran, or any characteristic protected by applicable law. Options ApplyApplySubmit a ReferralRefer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Application FAQs

Software Powered by iCIMS
www.icims.com