Incident Response and Forensic Analyst

The Aerospace Corporation is the trusted partner to the nation’s space programs, solving the hardest problems and providing unmatched technical expertise. As the operator of a federally funded research and development center (FFRDC), we are broadly engaged across all aspects of space— delivering innovative solutions that span satellite, launch, ground, and cyber systems for defense, civil and commercial customers. When you join our team, you’ll be part of a special collection of problem solvers, thought leaders, and innovators. Join us and take your place in space.

The Aerospace Corporation is seeking an experienced cybersecurity professional to serve as an Incident Response and Forensic Analyst (Information Security Staff IV). In this critical role, you will be responsible for investigating security incidents, conducting digital forensic examinations, and leading response efforts to protect our organization's critical assets. You will analyze complex security events, preserve and examine digital evidence, develop incident response procedures, and provide expert recommendations to contain and remediate cyber threats. You will join a team of dedicated cybersecurity professionals who are chartered with securing Aerospace's classified and unclassified enterprise IT environments and viewed as leaders within the aerospace community.

The selected candidate will be required to work full-time on-site at our facility in Colorado Springs, CO.

What You'll Be Doing

• Leading incident response activities from initial detection through containment, eradication, recovery, and post-incident analysis
• Conducting digital forensic investigations on compromised systems, networks, and endpoints to determine root cause, scope, and impact of security incidents
• Performing forensic analysis of disk images, memory dumps, network traffic, and log data using industry-standard tools and methodologies
• Preserving digital evidence following proper chain of custody procedures to ensure forensic integrity and support potential legal proceedings
• Analyzing malware samples and attacker techniques to understand threat actor behavior and develop defensive countermeasures
• Developing and maintaining incident response playbooks, procedures, and forensic investigation workflows
• Coordinating with SOC, IT operations, legal, and business stakeholders during active incident response operations
• Documenting incident timelines, findings, and remediation activities in comprehensive technical reports
• Providing expert testimony and briefings on forensic findings to technical teams, management, and potentially legal counsel
• Contributing to threat intelligence by identifying indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs) from investigations
• Conducting post-incident reviews and lessons learned sessions to drive continuous improvement
• Remaining informed on the latest incident response methodologies, forensic techniques, threat actor trends, and emerging attack vectors
• Mentoring junior analysts and sharing forensic expertise across the cybersecurity team
• Where necessary, providing after-hours support during critical security incidents requiring immediate investigation

What You Need to be Successful- Information Security Staff IV

Minimum Requirements:

• Bachelor's degree in Cybersecurity, Computer Science, Digital Forensics, Information Systems or equivalent field of study, or equivalent experience
• 5-7 years of relevant experience in incident response, digital forensics, or cybersecurity investigations
• Hands-on experience conducting forensic investigations on Windows, Linux, and/or macOS systems
• Proficiency with forensic tools such as EnCase, FTK, X-Ways, Autopsy, or similar platforms
• Strong understanding of file systems, operating system artifacts, and forensic analysis techniques
• Experience with memory forensics and volatile data analysis
• Knowledge of network forensics and packet analysis using tools like Wireshark, tcpdump, or NetworkMiner
• Understanding of malware analysis fundamentals and attacker methodologies
• Experience with incident response frameworks (NIST SP 800-61, SANS Incident Response, etc.)
• Ability to work under pressure during active security incidents and manage multiple concurrent investigations
• Excellent analytical and critical thinking skills with strong attention to detail
• Strong written and verbal communication skills, including the ability to document technical findings clearly
• Experience with evidence collection, preservation, and chain of custody procedures
• Understanding of legal and regulatory requirements related to digital evidence and incident reporting
• This position requires the ability to obtain and maintain a US Secret security clearance, which is issued by the US government. U.S citizenship is required to obtain a security clearance.

How You Can Stand Out

It would be impressive if you have one or more of these:

• Relevant certifications such as GCFA, GCFE, GREM, GNFA, CISSP, or equivalent
• Experience with cloud forensics (AWS, Azure, GCP) and cloud-native incident response
• Hands-on malware analysis and reverse engineering experience
• Experience investigating advanced persistent threats (APTs) or nation-state actors
• Proficiency with scripting languages (Python, PowerShell, Bash) for forensic automation
• Experience with SIEM platforms and log analysis for incident investigation
• Knowledge of threat intelligence platforms and integration of IOCs into defensive operations
• Experience conducting forensic investigations in classified environments
• Background with endpoint detection and response (EDR) tools such as CrowdStrike, Carbon Black, or SentinelOne
• Experience developing custom forensic tools or automation scripts
• Track record of presenting forensic findings to executive leadership or in legal proceedings
• Experience with mobile device forensics (iOS, Android)
• Familiarity with the MITRE ATT&CK framework and mapping incident findings to adversary techniques
• Current and active Secret clearance

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business.  The grade-based pay range for this job is listed below.  Individual salaries within that range are determined through a wide variety of factors including but not limited to education, experience, knowledge and skills.

(Min - Max)

Leadership Competencies

Our leadership philosophy is simple: every employee, regardless of level and role, can demonstrate leadership. At Aerospace, our commitment is our people. To cultivate our talent and ensure that we have a strong pipeline of future leaders, we want individuals who:

• Operate Strategically
• Lead Change   
• Engage with Impact   
• Foster Innovation   
• Deliver Results  

Ways We Reward Our Employees

During your interview process, our team will provide details of our industry-leading benefits.

Benefits vary and are applicable based on Job Type.  A few highlights include:

• Comprehensive health care and wellness plans

• Paid holidays, sick time, and vacation

• Standard and alternate work schedules, including telework options

• 401(k) Plan — Employees receive a total company-paid benefit of 8%, 10%, or 12% of eligible compensation based on years of service and matching contributions; employees are immediately eligible and vested in the plan upon hire

• Flexible spending accounts

• Variable pay program for exceptional contributions

• Relocation assistance

• Professional growth and development programs to help advance your career

• Education assistance programs

• An inclusive work environment built on teamwork, flexibility, and respect

We are all unique, from various backgrounds and all walks of life, yet one thing bonds all of us to each other—the belief that we can make a difference. This core belief empowers us to do our best work at The Aerospace Corporation.

Equal Opportunity Commitment

The Aerospace Corporation is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, age, sex (including pregnancy, childbirth, and related medical conditions), sexual orientation, gender, gender identity or expression, color, religion, genetic information, marital status, ancestry, national origin, protected veteran status, physical disability, medical condition, mental disability, or disability status and any other characteristic protected by state or federal law. If you’re an individual with a disability or a disabled veteran who needs assistance using our online job search and application tools or need reasonable accommodation to complete the job application process, please contact us by phone at 310.336.5432 or by email at peoplemangmnt.mailbox@aero.org . You can also review Know Your Rights: Workplace Discrimination is Illegal.