Mobile Threat & Forensics Analyst

If you are unable to complete this application due to a disability, contact this employer to ask for an accommodation or an alternative application process. Mobile Threat & Forensics Analyst FullTime Cybersecurity Serv Washington, DC, US Location: Arlington, VA (Hybrid: Onsite & Remote) Clearance Required: Active Secret Clearance Required (TS/SCI strongly preferred) Employment Type: Full-Time, Regular Position Overview Special Aerospace Security Services, Inc. (SASSI) is seeking a highly motivated Mobile Threat & Forensics Analyst to support a U.S. Government customer in delivering advanced mobile security, malware analysis, digital forensics, and incident response support services within enterprise cybersecurity environments. This position supports evolving cybersecurity operations focused on mobile threats, advanced forensic investigations, malware analysis, phishing investigations, mobile application analysis, and proactive threat identification activities across both traditional and mobile platforms. The selected candidate will work closely with cybersecurity operations, threat intelligence, incident response, and enterprise security teams to support investigative, analytical, and operational cybersecurity missions. SASSI is seeking candidates capable of supporting complex investigative and analytical activities with minimal oversight while operating within fast‑paced operational environments supporting federal cybersecurity missions. This is a hybrid position requiring a combination of onsite support in Arlington, VA and remote work. Candidates must be able to: Maintain availability during core business hours (Monday–Friday) Support onsite mission requirements, classified work, and collaborative operational activities Participate in incident response, investigative, and operational activities as required Remain responsive and engaged during remote support activities through Microsoft Teams, email, and other communication platforms Key Responsibilities Perform malware analysis utilizing static and dynamic analysis techniques to identify malicious behavior, persistence mechanisms, attack vectors, and indicators of compromise (IOCs) Conduct digital forensic analysis of systems, removable media, and mobile devices involved in cybersecurity incidents or investigations Perform mobile device forensic analysis across iOS and Android platforms utilizing forensic acquisition and analysis tools Investigate phishing emails, malicious attachments, suspicious URLs, spoofed domains, and command-and-control (C2) communications Analyze mobile applications, APK/IPA files, suspicious software, and mobile‑specific attack techniques Support proactive threat identification, mobile threat analysis, and investigative activities across enterprise environments Develop indicators of compromise (IOCs), signatures, YARA rules, detection logic, and analytical findings to support threat detection and incident response Collaborate with cybersecurity operations, threat intelligence, vulnerability management, and incident response teams Prepare technical reports, forensic findings, investigative summaries, and operational briefings Maintain proper evidence handling, chain‑of‑custody, and investigative documentation procedures Support analysis of emerging threats, malware trends, and mobile security risks impacting enterprise environments Required Qualifications (Mid‑Level) Active Secret clearance required Bachelor’s degree in Cybersecurity, Computer Science, Digital Forensics, Information Technology, Computer Engineering, or related discipline (equivalent experience considered) Minimum 5 years of experience supporting cybersecurity operations, malware analysis, digital forensics, incident response, mobile security, or related investigative activities Experience supporting forensic investigations involving Windows, Linux, iOS, and/or Android platforms Experience analyzing phishing emails, malicious files, suspicious URLs, and indicators of compromise Familiarity with malware analysis concepts, digital forensic methodologies, and incident response procedures Experience utilizing cybersecurity and forensic tools such as: Cellebrite FTK EnCase Volatility Wireshark IDA Pro Ghidra X-Ways VirusTotal Sandbox analysis platforms Understanding of operating systems, file systems, executable formats, and network protocols Experience with scripting or automation using Python, PowerShell, Bash, or similar languages Strong analytical, investigative, documentation, and communication skills Ability to work independently within operational cybersecurity environments Preferred Qualifications (Senior‑Level Experience) Candidates possessing one or more of the following advanced qualifications are strongly preferred: 8+ years of experience supporting malware analysis, mobile security, digital forensics, threat hunting, or incident response operations Advanced experience conducting mobile forensic investigations across iOS and Android platforms Experience with advanced mobile extraction methodologies and tools such as: Cellebrite Premium GrayKey Oxygen Forensics Experience performing reverse engineering and analysis of malicious mobile applications, APK/IPA files, and mobile malware Experience analyzing nation‑state, spyware, or advanced persistent threat (APT) activity targeting mobile platforms Familiarity with Android and iOS internals, mobile operating system artifacts, SQLite databases, plist files, logs, and mobile telemetry Experience supporting enterprise mobile security initiatives, including Mobile Device Management (MDM) or Enterprise Mobility Management (EMM) environments Experience performing proactive threat hunting, detection engineering, or advanced forensic analysis activities Experience supporting classified, federal, or national security cybersecurity environments Ability to mentor junior analysts and support complex investigative or incident response activities with minimal oversight Preferred Certifications GREM GCFA GNFA GCIH GCED

CISSP

CASP+

CySA+ Security+ CREA

OSCP / OSEP

CEH Desired Technical Skills Malware analysis and reverse engineering #J-18808-Ljbffr Special-Aerospace-Security-Services-Inc