ARGO Cyber Systems

Host Based Cyber Systems Analyst IV

ARGO Cyber Systems  •  $13k - $160k/yr  •  Arlington, VA (Hybrid)  •  1 month ago

Job Description

Argo Cyber Systems provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front-line response for digital forensics/incident response (DFIR) and proactively hunt for malicious cyber activity. We are seeking Cyber Network Defense Analysts (CNDA) with Cloud Forensics experience to support this critical customer mission.

Responsibilities:
- Conduct forensic acquisition and analysis from on-premises and cloud platforms (Entra ID/Azure AD, M365, AWS, GCP, SaaS) to identify compromise activity, persistence mechanisms, and data exfiltration.
- Investigate and respond to incidents and attacks targeting cloud and hybrid identity.
- Correlate cloud control-plane events and network telemetry (e.g., Azure Activity Logs, AWS CloudTrail, VPC Flow Logs) to reconstruct attacker timelines, validate IOCs, and identify post-compromise privilege escalation.
- Develop and operationalize detection logic and automation using cloud-native tools (Microsoft Defender, Sentinel, AWS GuardDuty, GCP Chronicle) and scripting (PowerShell, Python, Bash), integrating threat intelligence feeds and indicators.
- Produce technical reports, incident documentation, and containment recommendations integrating cloud, identity, and endpoint findings; support development of incident response playbooks and procedures for cloud and hybrid environments.
- Support cloud development and automation projects to enhance threat emulation, investigative, and hunting capabilities.
- Coordinate with internal teams, government staff, and external stakeholders to validate alerts and investigate preliminary findings.

Required Skills:
- U.S. Citizenship
- Active TS/SCI clearance
- Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability
- 8+ years of experience in cyber forensic investigations with leading tools and techniques.
- Strong understanding of SaaS, PaaS, and IaaS in cloud environments, and hybrid identity security.
- Expertise in acquiring forensically sound evidence, analyzing attacks, and reporting findings.
- Knowledge of M365/Azure, hybrid identity, and threats targeting these solutions.
- Knowledge of AWS, IAM, and best practices for cloud identity security.

Desired Skills:
- Strong API and scripting skills (PowerShell, Python, Bash, JavaScript) for automation and threat detection.
- Knowledge of common and advanced cloud attacks and techniques, and how to detect and mitigate these threats.
- Proficiency with cloud automation and orchestration tools (Terraform, Kubernetes, CloudFormation, Azure Resource Manager, Docker).

This position requires a minimum of a USG Top Secret Security Clearance!

Argo Cyber is an Equal Opportunity Employer.

About ARGO Cyber Systems

Argo Cyber Systems is a Service Disabled Veteran Owned Small Business (SDVOSB). Located in Historic Downtown Pensacola, Argo Cyber Systems is a pure-play cyber security firm. We are cyber security and intelligence experts offering dedicated threat and security monitoring of critical infrastructure assets, businesses, and other environments.

Cyber Services

Managed Detection and Response (MDR) and Cyber Threat Monitoring

Argo Cyber Systems provides managed cyber monitoring services through a dedicated SIEM and Cyber Threat Monitoring platform with an advanced threat correlation engine at affordable prices.

Continuous Asset Discovery

By using technology that automatically discovers new devices on your network, we always know what’s connected in your digital environment.

Continuous Real-time Threat Monitoring, Correlation & Alerting

Whether you are in AWS, Azure, Google Cloud Platform, or on premises, we are able to gain visibility of devices, systems, applications, and user activities in your environment. We support Office 365, G Suite, network devices, operating systems, and over 400 devices and applications that are important to your business's day-to-day activities.

Global Threat Analysis and Supply Chain Cyber Risk Management

Due Diligence X© (DDX) was created with this in mind – to provide a dynamic platform for testing devices for assurance that the equipment will be free from a variety of security threats.

Assessment Support Services and Penetration Testing

ARGO Cyber Systems Principals have gained decades of experience conducting various types of assessments, including Cyber Risk Assessments, Threat Assessments, Risk Management and Threat Intelligence, from our work with the DOD and Federal.

Breach Clean up, Mitigation and Remediation

Argo Cyber can mitigate and remediate your assets and environment in the event you are breached.

Industry: IT & Software
Company Size: 11-50 employees
Headquarters: Pensacola, FL
Year Founded: 2018