Host Based Cyber Systems Analyst IV

Argo Cyber Systems provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital forensics / incident response (DFIR) and proactively hunting for malicious cyber activity. We are seeking Cyber Network Defense Analysts (CNDA) with Cloud Forensics experience to support this critical customer mission.

Responsibilities :

• Conduct forensic acquisition and analysis from on-premises and cloud platforms (Entra ID / Azure AD, M365, AWS, GCP, SaaS) to identify compromise activity, persistence mechanisms, and data exfiltration.
• Investigate and respond to incidents and attacks targeting cloud and hybrid identity.
• Correlate cloud control-plane events and network telemetry (e.g., Azure Activity Logs, AWS CloudTrail, VPC Flow Logs) to reconstruct attacker timelines, validate IOCs, and identify post-compromise privilege escalation.
• Develop and operationalize detection logic and automation using cloud-native tools (Microsoft Defender, Sentinel, AWS GuardDuty, GCP Chronicle) and scripting (PowerShell, Python, Bash), integrating threat intelligence feeds and indicators.
• Produce technical reports, incident documentation, and containment recommendations integrating cloud, identity, and endpoint findings; support development of incident response playbooks and procedures for cloud and hybrid environments.
• Support cloud development and automation projects to enhance threat emulation, investigative, and hunting capabilities.
• Coordinate with internal teams, government staff, and external stakeholders to validate alerts and investigate preliminary findings.

Required Skills :

Desired Skills :

This position requires a minimum of a USG Top Secret Security Clearance!

Argo Cyber is an Equal Opportunity Employer.

Job Posted by ApplicantPro