Host Based Cyber Systems Analyst III

About the positionResponsibilities• Lead and coordinate forensic investigations in support of incident response engagements and post-compromise assessments. • Plan, direct, and execute the collection, examination, and analysis of host-based evidence across multiple operating systems and environments. • Acquire, preserve, and analyze digital artifacts (malware, volatile memory, registry data, user activity, logs, and executables) to support attribution and root-cause analysis. • Perform forensic triage to determine incident scope, urgency, and potential impact on enterprise operations.• Correlate host-level findings with network telemetry to reconstruct intrusion narratives and identify persistence or lateral movement. • Evaluate and dissect malicious code and executable behavior to identify tactics, techniques, and procedures (TTPs). • Maintain strict chain of custody and documentation standards to ensure evidence integrity. • Distill technical analysis into clear, actionable reports and executive summaries suitable for senior leadership and interagency partners. • Serve as a technical liaison to government stakeholders, explaining forensic methodologies, tools, and findings in both technical and operational terms.• Support the development of Computer Network Defense (CND) guidance, playbooks, and after-action reports based on investigative outcomes. Requirements• U.S. Citizenship (required)• Active TS/SCI clearance (required)• Ability to obtain DHS Entry on Duty (EOD) Suitability• 5+ years of hands-on experience conducting host-based or digital forensic investigations• Expertise in forensically sound data acquisition, duplication, and preservation• Proficiency in analyzing, categorizing, and reporting cyber attacks and system compromises• Strong knowledge of evidence handling procedures, documentation, and chain-of-custody standards• Familiarity with attack lifecycle phases and common adversary techniques• Comprehensive understanding of system and application security threats, vulnerabilities, and mitigation strategies• Experience performing host triage, live response, and volatile memory analysis• Proficiency with Windows, Linux/Unix, and related file systems• Demonstrated ability to collaborate across distributed teams in time-sensitive operational environmentsNice-to-haves• Proficiency with two or more of the following forensic and analysis tools: EnCase, FTK, X-Ways, SIFT, Volatility, Sleuth Kit/Autopsy Wireshark, Splunk, Snort, or EDR tools (CrowdStrike, Carbon Black, SentinelOne)• Experience conducting malware reverse-engineering and all-source research• Understanding of threat actor TTPs and advanced intrusion methodologies• Strong communication skills for technical briefings and interagency coordinationBenefits• Argo Cyber Systems empowers federal partners to outpace and outmaneuver adversaries through precision forensics, agile response, and mission-first cybersecurity operations.• As part of the DHS HIRT mission, you will be on the front lines of national cyber defense-supporting the investigation, containment, and recovery of the nation's most critical systems. Apply tot his job