Security Analyst - Forensics & Malware Analysis

Job Description

Job Description

Revolutional delivers advanced technology solutions and mission support to federal agencies across civilian, health, and national security environments. We apply modern capabilities, including AI/ML, cloud, cybersecurity, and IT modernization to solve complex challenges, enable faster and more secure operations, and drive measurable mission outcomes.

We are redefining how federal technology gets built and delivered by operating with a product mindset, prioritizing speed, ownership, and execution over bureaucracy.

Title: Security Analyst - Forensics & Malware Analysis

Location: Chandler, AZ or Washington, DC

Terms: Full-time

Clearance: Active Secret required; TS/SCI preferred

Travel: 0-20%

Position Description

As a Security Analyst specializing in Forensics and Malware Analysis at Revolutional, you are the person the team calls when an incident goes deep. You conduct digital forensic investigations and malware analysis on compromised systems, media, and artifacts to determine scope, attribution, and impact — and you produce findings that drive response decisions and inform the broader security posture.

You are a technical specialist, not a generalist. You bring extensive hands-on experience with digital media analysis, forensic tooling, and malware reverse engineering. You work independently on complex investigations, maintain rigorous chain of custody, and translate technical findings into clear, actionable reporting for both technical peers and program leadership.

Responsibilities

• Conduct digital forensic investigations on compromised endpoints, servers, storage media, and network artifacts, maintaining proper chain of custody throughout
• Perform static and dynamic malware analysis to identify malware behavior, capabilities, persistence mechanisms, and indicators of compromise (IOCs)
• Analyze memory dumps, disk images, log files, and network captures to reconstruct attack timelines and determine scope of compromise
• Identify and extract IOCs from forensic investigations and malware samples; coordinate with threat intelligence and SOC teams to operationalize findings
• Support incident response activities by providing forensic analysis that informs containment, eradication, and recovery decisions
• Produce clear, thorough forensic reports and malware analysis write-ups suitable for technical teams and executive audiences
• Maintain and operate forensic lab environments, tools, and procedures in accordance with program and federal evidentiary standards
• Contribute to development and refinement of forensic and malware analysis procedures, playbooks, and tooling
• Stay current on adversary tradecraft, malware families, and emerging analysis techniques relevant to the federal threat landscape
• Support classified incident investigations as required, handling evidence and findings in accordance with applicable security protocols

What You Bring (Requirements)Baseline Requirements

• Bachelor's degree in Computer Science, Information Security, Digital Forensics, or related field (or equivalent experience)
• 5 or more years of security-related experience, with extensive hands-on experience in digital media analysis and digital forensics
• Active Secret clearance; Top Secret/SCI eligibility required

Technical & Domain Capabilities

• Extensive experience with digital forensic methodologies: disk and media acquisition, file system analysis, artifact recovery, and timeline reconstruction
• Hands-on malware analysis experience including static analysis (disassembly, code review) and dynamic analysis (sandboxing, behavioral observation)
• Proficiency with industry-standard forensic tools such as EnCase, FTK, Autopsy, Volatility, IDA Pro, Ghidra, or equivalent
• Experience analyzing Windows, Linux, and/or cloud-based environments for signs of compromise and attacker activity
• Familiarity with network forensics: packet capture analysis, NetFlow, proxy logs, and identifying lateral movement or exfiltration artifacts
• Understanding of attacker TTPs, kill-chain methodology, and MITRE ATT&CK framework as applied to forensic analysis
• Experience producing forensic reports and malware analysis documentation that meet legal and evidentiary standards

Core Strengths

• Technically deep and intellectually rigorous — you dig until you find the answer and don't stop at surface-level findings
• Detail-oriented with strong documentation discipline; your work product holds up under scrutiny
• Able to work independently on complex, ambiguous investigations without needing constant direction
• Communicates technical findings clearly to both technical peers and non-technical leadership

Certifications

One certification from each of the following groups is required:

Group 1 — Security Specialty

• CISSP Associate, CCSP, SSCP, GMON, GCIH, GCIA, GECD, CEH, or CASP+

Group 2 — DoD 8570 CSSP

• Any certification qualifying under the DoD 8570 CSSP Analyst, Infrastructure Support, or Incident Responder categories, or other similar certifications as approved

Nice to Have (Differentiators)

• Forensics-specific certifications: GCFE, GCFA, GNFA (GIAC), EnCE (EnCase), or CFCE (Certified Forensic Computer Examiner)
• Malware analysis certifications: GREM (GIAC Reverse Engineering Malware) or equivalent
• Experience conducting forensic investigations in classified or law enforcement environments
• Familiarity with mobile device forensics, cloud forensics, or memory forensics at advanced levels
• Experience supporting legal proceedings or law enforcement actions with forensic findings
• Active TS/SCI clearance

#DICE #LinkedIn

___________________________________________________________________________________________________________

Here at Revolutional we are pleased to have been repeatedly recognized for our outstanding work culture, the innovative work we do, and the employees on our team who make a difference each day. Some of these recognitions include:

• Recognized as a Top 20 "Best Place to Work in Virginia"
• Recipient of Department of Labor's HireVets Gold Medallion
• Great Place to Work Certification for five years running
• A Virginia Chamber of Commerce Fantastic 50 company
• A Northern Virginia Technology Council Tech 100 company
• Inc. 5000 list of fastest growing companies for eleven years
• Two-time SBA SBIR Tibbett's Award winner
• Virginia Values Veterans (V3) Certification

We recognize that every bit of our success is the result of our teams of hard-working, motivated, and innovative professionals who are proud to call themselves part of the Revolutional family! In addition to competitive compensation, a family-focused culture, and a dynamic, productive work environment, we offer all full-time employees a variety of benefits including, but not limited to

• Traditional and HSA- eligible medical insurance plans
• 100% employer-paid dental and vision insurance options
• 100% employer-sponsored STD, LTD, and life insurance
• 5% 401(k) company matching
• Flexible-schedules and teleworking options
• Paid holidays and PTO Accrual Plans
• Paid Parental Leave
• Professional development and career growth opportunities
• Team and company-wide events, recognition, and appreciation-- and so much more!

Check out our Revolutional | LinkedIn to find out a little more about who we are and if we are the right next step for your career!

Revolutional is an Equal Opportunity Employer providing equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity, sexual orientation, disability, or genetics. Revolutional does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans. To perform the above job successfully, an individual must possess the knowledge, skills, and abilities listed; meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily. Other duties in addition to those listed may be assigned as necessary to meet business needs. Reasonable accommodation will be made to enable an applicant with a disability to successfully apply for and/or perform the essential duties of the job. If you are in need of an accommodation, please contact View email address on ziprecruiter.com.