Cloud Forensics Analyst (CFA03) - Remote

Immediate fulltime openings for Host Based Cloud Forensic Analysts (CFA) with an active Top Secret or higher to support a critical customer mission that provides front line response for digital forensics/incident response (DFIR) and proactively hunts for malicious cyber activity.

The position is 100% Remote with Business travel (nationwide) as required by the government.


- Acquire/collect computer artifacts (e.g., malware, user activity, link files) in support of onsite engagements
- Triage electronic devices and assess evidentiary value
- Correlate forensic findings to network events in support of developing an intrusion narrative
- Document system state information (e.g., running processes, network connections) prior to imaging, as required
- Perform forensic triage of an incident to include determining scope, urgency, and potential impact
- Document forensic analysis from initial participation through resolution
- Collect, process, preserve, analyze, and present computer related evidence
- Coordinate with Government customer to validate/investigate alerts or additional preliminary findings
- Conduct analysis of forensic images, and available evidence in support of forensic write-ups for inclusion in reports and written products
- Assist to document and publishing Computer Network Defense (CND) guidance and reports pertaining to incident findings

Required Skills

- Must be US Citizen due to government requirement.
- Must have an active TS clearance or higher and able to obtain DHS Suitability. Must be SCI eligible.
- BS Computer Science, Cybersecurity, Computer Engineering, or related degree; or HS Diploma & seven (7) to nine (9) years of host or digital forensics experience.
- 5+ years of direct relevant experience in cyber forensic investigations using leading edge technologies and industry standard forensic tools
- Understanding of SaaS, PaaS, and IaaS in the Cloud Environment
- Authoring cyber investigative reports documenting digital forensics findings
- Analyze and characterize cyber-attacks unique to cloud
- Skilled in identifying different classes of attacks and attack stages
- Understanding of system and application security threats and vulnerabilities
- Understanding of proactive analysis of systems and networks, to include creating trust levels, and understanding cloud authentication methods
- Able to work collaboratively across physical locations
- Action-oriented and have a proactive approach to problem solving
- Proficiency with common operating systems (e.g., Linux/Unix, Windows)

Desired Certifications:
- GCLD, GCPS, GCPN, GWEB, CCSP, GCFA, GCFE, GCIH, EnCE, CCE, CFCE, CISSP, Kubernetes Security Specialist, Microsoft 365 Certifications, Microsoft Azure Certifications AWS Certifications, SANS Cloud Courses (SEC541, SEC584, SEC588) and Certifications.

Apply Now

Return to Search Results

Have a Question?





Anticipated Start Date

Tuesday, September 6, 2022

Job Type

Direct Hire

Anticipated Duration


Date Posted

Wednesday, August 10, 2022

Know someone who would be a good fit? We pay for referrals!

Share this job:

Call 800-ELITE-50
Reference #10648

Elite Technical Services, Inc. participates in the E-Verify program to confirm the employment eligibility of all persons hired. This means that we will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee's Form I-9 to confirm work authorization. Elite Technical Services, Inc. will not use E-Verify to pre-screen job applicants.

Elite Technical Services, Inc. is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.