Volexity, Inc. Incident Response and Forensic Analyst Remote · Full time Company website

Volexity is looking for an Incident Response and Forensic Analyst to join its rapidly growing services team.

About Volexity, Inc.

Volexity is a Washington DC-based cyber security firm with a global reach. The company was founded by the team who created Volatility, the world’s most widely used memory forensics platform. Volexity provides cyber security and digital forensics products and services to Fortune companies, government agencies, and leading security vendors across the globe. Over the past decade, the Volexity team has developed groundbreaking technology solutions, transforming the way modern digital investigations are performed. These solutions increase enterprise visibility and facilitate rapid intrusion suppression.

Description

Location: Remote (USA)


Experience Level:

Mid-level (Senior role may be considered for the right applicant)


Position Type:

Volexity Incident Response & Advanced Threat Analysis


JOB DESCRIPTION

Volexity’s Incident Response and Forensic Analysts provide support and lead investigations related to a wide range of cyber-attacks.  


Candidates applying for this role should expect a job opportunity where they can:


  • Analyze and respond to everything ranging from widespread commodity threats to the most complex and advanced intrusions facing organizations today
  • Work on investigations that evoke a sense of personal investment
  • Collaborate with Volexity’s Network Security Monitoring, Threat Intelligence, and Engineering teams 

 

Candidates should have experience with analyzing systems and system artifacts, such as memory, disk images, logs, and network data, to determine root cause and impact. Analysts collaborate with Volexity's Threat Intelligence and client teams to uncover attacker activity, preserve digital evidence, and provide clear forensic findings.


RESPONSIBILITIES


Responsibilities of an Incident Response and Forensic Analyst will include but not be limited to:


  • Incident Response: Lead and support investigations into security incidents, including APT intrusions, malware infections, ransomware, unauthorized access to cloud environments, and data breaches.
  • Digital Forensics: Collect, preserve, and analyze digital evidence across endpoints, servers, cloud environments, and network systems, placing strong emphasis on memory forensics and volatile data analysis.
  • Tool & Process Development: Develop and refine forensic workflows, scripts, and methodologies to improve investigation effectiveness.
  • Reporting & Documentation: Produce detailed forensic reports, executive summaries, and technical briefs that clearly communicate findings.
  • Cross-Team Collaboration: Partner with our Network Security Monitoring, Threat Intelligence, and Engineering teams to share insights and strengthen detection and response capabilities within our solutions.
  • Proactive Assessments: Support threat-hunting activities, compromise assessments, and M&A cybersecurity assessments to identify weaknesses before incidents occur.
  • Trusted Advisory: Serve as a trusted advisor to clients by addressing cybersecurity questions, providing expert guidance, and supporting their overall security posture.

 

REQUIRED SKILLS


As an Incident Response and Forensic Analyst, the expected skillset should include:


  • At least 3-5 years of hands-on experience performing digital forensics during security incidents, including evidence acquisition, preservation, and analysis
  • Proficiency in analyzing host and network-based artifacts (logs, memory, disk images, network traffic) using command-line tools and scripts
  • Strong knowledge of operating systems internals (Windows, Linux, macOS) and common attack techniques
  • Well versed in investigating activity in Microsoft 365, Google Workspace, GCP, Azure, AWS, and OCI environments. 
  • Experience responding to complex breaches related to web applications, operating systems, embedded devices, and cloud services
  • Ability to understand different attack techniques and how they relate to specific forensic artifacts
  • Familiar scripting with Python and Bash to automate forensic analysis, parse logs, and support incident response workflows
  • Excellent written and verbal communication skills, with the ability to document and communicate findings to customers 
  • Knowledge of the current threat landscape and the TTPs of various threat actors
  • Resourceful self-starter who can work both with a team and independently, when required

 

PREFERRED EXPERIENCE


Successful candidates for this role may also demonstrate the following experience or skills:


  • Strong understanding of computer memory structure and how it relates to memory forensics
  • Prior use of memory analysis frameworks such as Volatility.
  • Familiarity with other commercial forensic platforms related to Windows, macOS, Linux, and iOS 
  • Experience with EDR/XDR platforms such as SentinelOne, Microsoft Defender for Endpoint, and CrowdStrike Falcon
  • Experience responding to incidents in cloud environments, such as AWS or Azure


COMPENSATION

Compensation may vary based on location, experience, and skills. We are open to discussing total compensation including benefits, equity, and professional development budget.


Volexity values diversity and is an equal opportunity employer. All employment is decided on the basis of qualifications, merit, and business need.