Executes analyses using forensics technologies to collect computer evidence. Restores data such as documents, photos, and emails from hard drives that have been deleted, damaged, or manipulated.
Presents investigation results and provides evidence for legal proceedings. Manages the investigation processes, including the analysis, documentation, and evidence handling for legal proceedings. Confirms policies, procedures, and processes related to forensic functions are updated.

Typically has no degree requirement, and 2-3 years of experience, or equivalent relevant work experience; e.g., each year of work experience may be substituted for each year of education required.
Support security event monitoring and event triage and incident response for a cyber defense program including Security Operation Centers (SOC) with a goal to identify intrusion, malware, insider threat, misuse, policy violations and misconfigurations.
Document case information to support more in-depth analysis.
Escalate cases to senior analysts as required. Conduct Cyber Hunt, Digital Forensics and Incident Response, and Malware Reverse Engineering Activities.
Shift Turnover activities. Intake, triage, and process new incidents reported. Recommend Countermeasures and work with operations and cyber personnel to mitigate incidents.
Undertake proactive measures to implement blocks and detective capabilities for an enterprise under supervision.
Splunk, Microsoft Defender, Threat Intelligence Analysis.

Cyber Ops Specialist II

Key skills