Intermediate Digital Investigations Engineer

McLean

Saturday, 30 May 2026

Conduct digital investigations related to cybersecurity incidents, insider threat concerns, policy violations, and suspicious activity. Collect, preserve, analyze, and document digital evidence from endpoints, servers, mobile devices, cloud environments, logs, and network sources. Support cybersecurity operations by triaging alerts, correlating threat activity, and assisting with incident response and containment efforts. Perform forensic analysis using industry-standard tools and methodologies to determine attack vectors, timeline of events, impacted systems, and scope of compromise. Maintain chain of custody and proper evidence handling procedures in support of internal investigations and potential legal or regulatory matters. Analyze system, application, security, and network logs to identify indicators of compromise and anomalous behavior. Collaborate with Security Operations Center, Threat Intelligence, IT, HR, Legal, and Compliance teams during investigations. Prepare clear, concise, and defensible investigative reports, briefings, and technical documentation for both technical and non-technical audiences. Assist in developing and improving digital investigation procedures, playbooks, and evidence collection standards. Recommend remediation and mitigation actions based on investigative findings. Stay current on emerging cyber threats, attacker tactics, forensic techniques, and relevant technologies.

Basic Qualifications: Typically requires a Bachelor’s degree and a minimum of 2 years of related experience; or an advanced degree with relevant experience who can immediately contribute at this job step; or equivalent combination of related education. Experience supporting investigations involving endpoints, operating systems, user activity, malware, or network-based threats. Familiarity with common forensic and investigative tools, SIEM platforms, endpoint detection and response tools, and log analysis solutions. Knowledge of incident response processes, digital evidence handling, and forensic best practices. Understanding of Windows, Linux, and/or macOS operating systems and associated artifacts relevant to investigations. Strong analytical, problem-solving, and documentation skills. Ability to communicate investigative findings clearly to technical and non-technical stakeholders. This position requires a minimum of 4 days a week on-site.

Preferred Qualifications: Experience in a Security Operations Center, Computer Security Incident Response Team, or digital forensics function. Familiarity with cloud investigation techniques in environments such as Azure, AWS, or Google Cloud. Experience with eDiscovery, insider threat investigations, or fraud-related digital analysis. Exposure to malware analysis, threat hunting, or network forensics. Relevant certifications such as Security+, CySA+, GCFA, GCIH, GCFE, EnCE, CHFI, or similar. Knowledge of regulatory, compliance, and privacy considerations related to investigations.

This requisition requires the candidate to have a minimum of the following clearance(s): None. This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s): None.

Salary compensation range and midpoint: $103,600 - $129,500 - $155,400 Annual.

Work Location Type: Onsite.

Commitment to Non-Discrimination. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local or international law.
