Forensic and Incident Response Engineer

**Position is Contingent Upon Award**

 

Peraton seeks innovative professionals who thrive in mission-critical environments and are passionate about protecting our national critical infrastructure. This is your chance to make an impact on one of the nation’s vital organizations, working alongside leaders in cybersecurity engineering, operations, forensics, threat analysis, data science, and systems integration.

 

Join Peraton in supporting a large critical infrastructure operator to defend its corporate and operations networks from nation-state attacks, ensure the confidentiality, integrity, and availability of its systems and operations infrastructure, and comply with federal and industry cybersecurity regulation. As a forensic and incident response engineer working along side a state of the art 24-hour Cybersecurity Operations Center (CSOC), you will be responsible for detecting, investigating, and responding to cybersecurity incidents while preserving evidence and supporting root-cause analysis. This role leads technical incident response activities, conducts digital forensic analysis, and improves organizational readiness against cyber threats.

 

Primary Responsibilities:

 

The Forensic and Incident Response Engineer will be responsible to:

• Lead technical response to security incidents, including containment, eradication, and recovery
• Perform digital forensic analysis on endpoints, servers, applications, network traffic, and cloud environments using forensically sound procedures to identify network / computer intrusion evidence and identifies perpetrators
• Examine any electronic device that may hold evidence that could be used in a court of law and
• Gather, handle and store evidence.
• Perform a variety of forensic and electronic discovery services, including digital evidence preservation, forensic analysis, data recovery, tape recovery, electronic mail extraction, and database examination
• Collect, preserve, and analyze evidence in accordance with forensic best practices and legal requirements observing proper evidence custody and control procedures, document procedure and findings in a manner suitable for courtroom presentation and prepare comprehensive written notes and reports.
• Investigate malware, intrusions, unauthorized access, and data infiltration and exfiltration events
• Analyze logs, memory, disk images, and network captures to determine attack scope and impact
• Develop timelines, root-cause analysis, and incident reports for both technical and executive audiences
• Support threat hunting and detection engineering efforts using forensic findings
• Collaborate with the CSOC, engineering, legal, and compliance teams during incidents
• Participate in on-call or surge incident response rotations

Additional Responsibilities:

• Assist with development and maintenance of incident response playbooks and procedures
• Support security tooling evaluations and forensic lab improvements
• Participate in tabletop exercises and readiness testing
• Contribute to security awareness or training efforts using incident lessons learned
• Maintain forensic documentation, case notes, and evidence records

5 years with BS/BA; 3 years with MS/MA; 0 years with PhD

Required:

• U.S. Citizenship Required
• Must have the ability to obtain / maintain a DOE L Level or DOE Secret clearance
• Degree in computer science, engineering, cybersecurity, information technology, digital forensics, homeland security, or related field
• 5 years of experience with BS/BA; 3 years with MS/MA
• Experience in cybersecurity, incident response, or digital forensics
• Strong analytical and problem-solving skills
• Ability to explain complex findings to non-technical stakeholders
• High integrity and discretion, with strict adherence to evidence handling and chain of custody requirements.
• Proficiency with industry-standard forensic and Incident Response tools
• Proficiency of TCP/UDP packet capture and analysis
• Strong experience in incident response methodologies and lifecycle management
• Hands-on digital forensics experience across a variety of industry-standard operating systems
• Ability to work effectively during high-stress incidents
• Understanding of industry cybersecurity standards such as FISMA, NIST 800 series, ISO 27001 and regulatory compliance requirements
• Familiarity with MITRE ATT&CK framework

Desired:

• Hold technical and/or cybersecurity certification such as GIAC GSEC, GIAC GCIH, CISA SSCP, CompTIA Security+
• A master’s degree in computer science, engineering, cybersecurity, information technology, or related field
• Demonstrated experience leading or owning incident investigations
• Hands-on experience reverse-engineering malware

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.