Demo

Mobile Threat & Forensics Analyst

SPECIAL AEROSPACE SECURITY SERVICES INC
Washington, DC Full Time
POSTED ON 6/29/2026
AVAILABLE BEFORE 8/28/2026

Mobile Threat & Forensics Analyst

Location: Arlington, VA (Hybrid: Onsite & Remote)
Clearance Required: Active Secret Clearance Required (TS/SCI strongly preferred)
Employment Type: Full-Time, Regular


Position Overview

Special Aerospace Security Services, Inc. (SASSI) is seeking a highly motivated Mobile Threat & Forensics Analyst to support a U.S. Government customer in delivering advanced mobile security, malware analysis, digital forensics, and incident response support services within enterprise cybersecurity environments.

This position supports evolving cybersecurity operations focused on mobile threats, advanced forensic investigations, malware analysis, phishing investigations, mobile application analysis, and proactive threat identification activities across both traditional and mobile platforms. The selected candidate will work closely with cybersecurity operations, threat intelligence, incident response, and enterprise security teams to support investigative, analytical, and operational cybersecurity missions.

SASSI is seeking candidates capable of supporting complex investigative and analytical activities with minimal oversight while operating within fast-paced operational environments supporting federal cybersecurity missions.

Work Environment

This is a hybrid position requiring a combination of onsite support in Arlington, VA and remote work.

Candidates must be able to:

  • Maintain availability during core business hours (Monday–Friday)
  • Support onsite mission requirements, classified work, and collaborative operational activities
  • Participate in incident response, investigative, and operational activities as required
  • Remain responsive and engaged during remote support activities through Microsoft Teams, email, and other communication platforms

Key Responsibilities

  • Perform malware analysis utilizing static and dynamic analysis techniques to identify malicious behavior, persistence mechanisms, attack vectors, and indicators of compromise (IOCs)
  • Conduct digital forensic analysis of systems, removable media, and mobile devices involved in cybersecurity incidents or investigations
  • Perform mobile device forensic analysis across iOS and Android platforms utilizing forensic acquisition and analysis tools
  • Investigate phishing emails, malicious attachments, suspicious URLs, spoofed domains, and command-and-control (C2) communications
  • Analyze mobile applications, APK/IPA files, suspicious software, and mobile-specific attack techniques
  • Capture and analyze volatile memory, logs, browser artifacts, system activity, and forensic evidence from compromised devices and systems
  • Support proactive threat identification, mobile threat analysis, and investigative activities across enterprise environments
  • Develop indicators of compromise (IOCs), signatures, YARA rules, detection logic, and analytical findings to support threat detection and incident response
  • Collaborate with cybersecurity operations, threat intelligence, vulnerability management, and incident response teams
  • Prepare technical reports, forensic findings, investigative summaries, and operational briefings
  • Maintain proper evidence handling, chain-of-custody, and investigative documentation procedures
  • Support analysis of emerging threats, malware trends, and mobile security risks impacting enterprise environments

Required Qualifications (Mid-Level)

  • U.S. Citizenship required
  • Active Secret clearance required
  • Bachelor’s degree in Cybersecurity, Computer Science, Digital Forensics, Information Technology, Computer Engineering, or related discipline (equivalent experience considered)
  • Minimum 5 years of experience supporting cybersecurity operations, malware analysis, digital forensics, incident response, mobile security, or related investigative activities
  • Experience supporting forensic investigations involving Windows, Linux, iOS, and/or Android platforms
  • Experience analyzing phishing emails, malicious files, suspicious URLs, and indicators of compromise
  • Familiarity with malware analysis concepts, digital forensic methodologies, and incident response procedures
  • Experience utilizing cybersecurity and forensic tools such as:
    • Cellebrite
    • FTK
    • EnCase
    • Volatility
    • Wireshark
    • IDA Pro
    • Ghidra
    • X-Ways
    • VirusTotal
    • Sandbox analysis platforms
  • Understanding of operating systems, file systems, executable formats, and network protocols
  • Experience with scripting or automation using Python, PowerShell, Bash, or similar languages
  • Strong analytical, investigative, documentation, and communication skills
  • Ability to work independently within operational cybersecurity environments

Preferred Qualifications (Senior-Level Experience)

Candidates possessing one or more of the following advanced qualifications are strongly preferred:

  • 8 years of experience supporting malware analysis, mobile security, digital forensics, threat hunting, or incident response operations
  • Advanced experience conducting mobile forensic investigations across iOS and Android platforms
  • Experience with advanced mobile extraction methodologies and tools such as:
    • Cellebrite Premium
    • GrayKey
    • Oxygen Forensics
  • Experience performing reverse engineering and analysis of malicious mobile applications, APK/IPA files, and mobile malware
  • Experience analyzing nation-state, spyware, or advanced persistent threat (APT) activity targeting mobile platforms
  • Familiarity with Android and iOS internals, mobile operating system artifacts, SQLite databases, plist files, logs, and mobile telemetry
  • Experience supporting enterprise mobile security initiatives, including Mobile Device Management (MDM) or Enterprise Mobility Management (EMM) environments
  • Experience performing proactive threat hunting, detection engineering, or advanced forensic analysis activities
  • Experience supporting classified, federal, or national security cybersecurity environments
  • Ability to mentor junior analysts and support complex investigative or incident response activities with minimal oversight

Preferred Certifications

One or more of the following certifications is preferred:

  • GREM
  • GCFA
  • GNFA
  • GCIH
  • GCED
  • CISSP
  • CASP
  • CySA
  • Security
  • CREA
  • OSCP / OSEP
  • CEH

Desired Technical Skills

  • Malware analysis and reverse engineering
  • Mobile device forensics
  • Mobile malware analysis
  • Digital forensics and incident response
  • Threat hunting and threat analysis
  • Phishing and email analysis
  • URL/domain analysis
  • Network traffic analysis
  • Enterprise cybersecurity operations
  • Scripting and automation
  • Threat intelligence and IOC development
  • MITRE ATT&CK framework familiarity


Salary.com Estimation for Mobile Threat & Forensics Analyst in Washington, DC
$118,595 to $148,753
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Mobile Threat & Forensics Analyst?

Sign up to receive alerts about other jobs on the Mobile Threat & Forensics Analyst career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$92,662 - $117,866
Income Estimation: 
$112,753 - $144,134
Income Estimation: 
$114,790 - $146,930
Income Estimation: 
$142,618 - $183,267
Income Estimation: 
$115,647 - $153,495
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at SPECIAL AEROSPACE SECURITY SERVICES INC

  • SPECIAL AEROSPACE SECURITY SERVICES INC Leesburg, VA
  • Project Control Specialist Position Overview SASSI is seeking a Project Control Specialist IV (PCS-IV) to support program execution, performance tracking, ... more
  • 8 Days Ago

  • SPECIAL AEROSPACE SECURITY SERVICES INC Fort Meade, MD
  • Title: Database Administrator (PostgreSQL / Greenplum) Location: Hybrid – Remote with ability to support Adelphi, MD (on-site as required) Clearance: Activ... more
  • 2 Days Ago

  • SPECIAL AEROSPACE SECURITY SERVICES INC Fort Meade, MD
  • Job Description The CSSP Trainer shall provide training support for the Battle Captains and Watch personnel for CSSP Cert training work in SCIF. The CSSP T... more
  • 3 Days Ago

  • SPECIAL AEROSPACE SECURITY SERVICES INC Washington, DC
  • Cyber Data Analyst Company: SASSI Location: Hybrid – Mark Center (3 days onsite / 2 days telework) Clearance Required: Active TS/SCI Clearance Employment T... more
  • 14 Days Ago


Not the job you're looking for? Here are some other Mobile Threat & Forensics Analyst jobs in the Washington, DC area that may be a better fit.

  • Peraton Chantilly, VA
  • About Peraton Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest r... more
  • 22 Days Ago

  • Peraton Arlington, VA
  • Responsibilities Peraton is currently seeking a Mobile Threat Analyst for its' Federal Strategic Cyber programs. Location: Full-time, on-site, Arlington, V... more
  • 3 Days Ago

AI Assistant is available now!

Feel free to start your new journey!