Cybervance

Role Description We are seeking a full-time Mid-Level Digital Forensics Analyst who supports and conducts digital forensic investigations related to cybersecurity incidents, insider threats, data loss, and policy or regulatory inquiries. This role performs hands-on forensic analysis under established methodologies while working closely with senior forensics staff, incident response teams, and legal or compliance stakeholders. - Conduct forensic analysis on endpoints, servers, and removable media. - Acquire, preserve, and analyze digital evidence in accordance with forensic best practices. - Perform disk, memory, and artifact analysis to identify user activity, malware, or unauthorized access. - Support investigations involving security incidents, insider activity, and data exfiltration. - Assist incident response teams with forensic scoping, timeline creation, and root cause analysis. - Analyze forensic artifacts to determine attack vectors, persistence mechanisms, and impact. - Identify indicators of compromise (IOCs) and support remediation efforts. - Maintain proper evidence handling and chain-of-custody documentation. - Produce clear forensic notes, findings, and supporting artifacts. - Contribute to forensic and incident reports used by technical, legal, or leadership teams. - Utilize forensic tools for data acquisition, analysis, and reporting. - Perform artifact validation and cross-verification to ensure analytical accuracy. - Support improvements to forensic workflows and repeatable procedures. - Work closely with senior forensic analysts and incident responders. - Participate in tabletop exercises, incident reviews, and training activities. - Continue skill development in forensic techniques, tools, and emerging technologies. Qualifications - 3–5 years of experience in digital forensics, incident response, or cybersecurity analysis. - Hands-on experience performing forensic acquisitions and analysis. - Solid understanding of: - Windows and Linux operating systems - File systems, logs, and system artifacts - Common attacker behaviors and malware indicators - Strong documentation and written communication skills. - Ability to follow evidence handling and legal defensibility requirements. Requirements - Experience with memory forensics, log correlation, or malware triage. - Familiarity with cloud, SaaS, or email forensics (e.g., M365, cloud platforms). - Scripting or automation experience (Python, PowerShell, Bash). - Certifications such as GCFA, GCIH, CHFI, EnCE, or equivalent. - Experience in regulated, enterprise, or government environments.

Role Description We are seeking a full-time Senior Training Specialist who is responsible for leading the design, delivery, and continuous improvement of advanced training programs that support organizational readiness, technical excellence, and mission success. This role serves as a subject-matter authority and instructional leader, shaping training strategy, mentoring junior trainers, and ensuring programs align with evolving threats, technologies, and operational requirements. The ideal candidate has deep domain knowledge, strong instructional design expertise, and the ability to influence stakeholders while delivering high-impact training across diverse audiences. Responsibilities - Incorporate existing phishing simulation tool, KnowBe4, to execute monthly campaigns and integrate the campaign results into the overall training and awareness program. - Develop annual, role-based, and ad hoc training modules. - Track participation, provide metrics, and deliver quarterly or monthly reports on program effectiveness and areas for improvement, as applicable. - Coordinate the annual Cybersecurity Awareness Month activities each October in collaboration with the Office of Chief Information Officer's program and teams. Qualifications - 7+ years of experience in training, education, cybersecurity, IT, or a related technical field. - Demonstrated experience leading training programs or curricula. - Strong understanding of relevant technical or operational domains (e.g., cybersecurity, IT, SOC operations). - Excellent presentation, facilitation, and written communication skills. - Experience mentoring instructors or training staff. Requirements - Lead development and execution of comprehensive training strategies and curricula. - Define learning objectives, success metrics, and certification or qualification pathways. - Align training programs with organizational risk, mission goals, compliance, and operational needs. - Serve as a senior advisor to leadership on workforce readiness and skill gaps. - Design complex, multi-level training curricula, labs, simulations, and scenario-based exercises. - Develop and maintain advanced instructional materials, including: - Instructor-led courses - Hands-on technical labs - Tabletop and operational exercises - Ensure content reflects current technologies, threat landscapes, and best practices. - Deliver advanced instructor-led training, workshops, and executive briefings. - Facilitate complex exercises such as incident response simulations or operational drills. - Adapt instruction for technical, operational, and leadership audiences. - Mentor and coach junior and mid-level training staff or instructors. - Review and approve training materials for accuracy, relevance, and instructional quality. - Establish training standards, templates, and best practices. - Measure training effectiveness using assessments, metrics, and stakeholder feedback. - Continuously improve programs based on lessons learned, incidents, and operational feedback. - Maintain training documentation, records, and compliance artifacts. - Partner with security, IT, SOC, HR, and leadership teams to identify training needs. - Support onboarding, certifications, and continuing education initiatives. - Contribute to audits, compliance reviews, and accreditation efforts related to training. Benefits - Competitive salary and benefits package. - Opportunities for professional development and growth. - Supportive work environment with a focus on collaboration.

Role Description We are seeking a full-time Forensics Analyst Lead who is responsible for leading the organization's digital forensics capability, overseeing investigations related to cyber incidents, insider threats, data breaches, and legal or regulatory matters. This role provides technical leadership, investigative oversight, and expert guidance to ensure forensic activities are conducted accurately, defensibly, and in alignment with legal and regulatory requirements. The ideal candidate combines deep forensic expertise with leadership skills, sound judgment under pressure, and the ability to communicate complex findings to technical teams, legal partners, and executive leadership. - Lead and oversee all digital forensic investigations across endpoint, server, network, cloud, and mobile environments. - Establish forensic standards, methodologies, and toolsets. - Act as the primary escalation point for complex or high-impact forensic cases. - Ensure investigations follow best practices for evidence handling and forensic integrity. - Support and lead forensic analysis during security incidents, including malware infections, intrusions, and data exfiltration events. - Conduct advanced forensic analysis to identify root cause, attacker activity, and impact. - Reconstruct timelines and analyze artifacts to support incident response and remediation efforts. - Collaborate closely with Incident Response, SOC, Threat Hunting, and Legal teams. - Ensure proper evidence preservation, chain of custody, and documentation. - Provide forensic findings to legal, compliance, HR, and regulatory stakeholders. - Support internal investigations, litigation, and eDiscovery processes. - Serve as a subject-matter expert for forensic procedures during audits or legal proceedings. - Evaluate, deploy, and maintain forensic tools and technologies. - Improve forensic readiness through logging, data retention, and evidence collection strategies. - Develop scripts, workflows, or automation to improve forensic efficiency and consistency. - Lead, mentor, and train forensic analysts and incident responders. - Review forensic work products for quality and accuracy. - Contribute to training programs, tabletop exercises, and forensic playbooks. - Produce detailed forensic reports, timelines, and root cause analyses. - Translate technical findings into clear business, legal, and risk-based narratives. - Brief senior leadership on incident findings, impact, and recommendations. Qualifications - 7–10+ years of experience in digital forensics, incident response, or cybersecurity investigations. - Proven experience leading forensic investigations and teams. - Deep understanding of: - Endpoint, memory, disk, and network forensics - Malware analysis and attacker techniques - Evidence handling and chain-of-custody requirements - Hands-on experience with industry-standard forensic tools. - Strong written communication and technical reporting skills. Preferred Qualifications - Experience with cloud and SaaS forensics (AWS, Azure, GCP, M365, Google Workspace). - Experience supporting legal, HR, or regulatory investigations. - Scripting or automation experience (Python, PowerShell, Bash). - Certifications such as GCFA, GCED, GCIH, CISSP, EnCE, or equivalent. - Experience in government, finance, healthcare, or other regulated environments.