Location: Aiken, SC
Work Location: Savannah River Site (SRS)
Schedule: Full-Time | Onsite with limited telework
Clearance Requirement: Ability to obtain and maintain DOE Q Clearance
Position Overview
EGS is seeking an Associate Computer Security Engineer - Cyber Response to support cybersecurity incident response and digital forensic operations at the Savannah River Site. This position supports cyber investigations, forensic analysis, and incident response activities within a highly regulated DOE environment.
The selected candidate will assist in investigating cybersecurity incidents through the collection, preservation, and analysis of digital evidence. This role is ideal for early-career cybersecurity professionals interested in digital forensics, cyber response, and incident investigation.
The successful candidate will work closely with experienced cybersecurity personnel and receive mentorship related to Department of Energy (DOE), National Nuclear Security Administration (NNSA), and Environmental Management (EM) cybersecurity policies and standards including FISMA, NIST, and OMB requirements.
Responsibilities
Cyber Response & Digital Forensics
- Assist with cybersecurity incident investigations and forensic examinations
- Support collection, preservation, and analysis of digital evidence
- Assist senior analysts with forensic analysis of computers, mobile devices, and digital storage media
- Support incident response and cyber investigation activities
- Help identify findings and indicators associated with cybersecurity incidents
Documentation & Reporting
- Document forensic examination procedures and findings
- Ensure proper chain of custody procedures are maintained during investigations
- Prepare detailed reports summarizing forensic analysis results for technical and non-technical stakeholders
- Assist with development and maintenance of cybersecurity policies and procedures
Collaboration & Technical Support
- Collaborate with Information Technology (IT) teams and cybersecurity response personnel
- Support implementation of cybersecurity standards and best practices
- Participate in team investigations and contribute to incident response efforts
- Stay current on developments in digital forensics, cyber threats, mobile technologies, and encryption/decryption methodologies
- Support compliance with DOE cybersecurity policies and regulatory requirements
Required Qualifications
Education & Experience
One of the following combinations is required:
- Bachelor's degree in Computer Science, Cybersecurity, Digital Forensics, Information Technology, Computer Engineering, Software Engineering, or related discipline
- Non-technical Bachelor's degree with 2+ years of related experience
- Associate's degree in IT-related field with 2+ years of related experience
- Non-technical Associate's degree with 4+ years of related experience
- High School Diploma/GED with 6+ years of equivalent experience
Required Skills
- Strong analytical and problem-solving abilities
- Effective written and verbal communication skills
- Ability to explain technical findings to non-technical audiences
- Ethical conduct and discretion when handling sensitive information
- Willingness to learn evolving cybersecurity and forensic technologies
- Basic understanding of cybersecurity principles and incident response practices
- Ability to work collaboratively within a team environment
Preferred Qualifications
- Experience with digital forensic tools such as Cellebrite, Magnet Forensics Axiom, or OpenText
- Experience with SIEM or cybersecurity monitoring tools
- Internship or hands-on experience in IT, cybersecurity, or digital forensics
- Relevant certifications such as Security+ or GIAC Certified Forensic Analyst (GCFA)
- Previous DOE, federal, defense, or nuclear industry experience
- Active DOE Q or L Clearance preferred
Security Requirements
- Must be able to obtain and maintain a DOE Q Clearance
- Active DOE clearance preferred but not required to start
- Subcontractor must maintain active eFOCI registration and approved Facility Clearance with DOE/NNSA
Work Schedule
This position follows a standard 40-hour work week. Various work schedules may be utilized including:
- 5/8 Schedule
- 4/10 Schedule
- 9/80 Schedule
Occasional overtime may be required to support operational needs and incident response activities.