Software Security Forensic Analyst
Job Type
Full-time, Part-time

INTRUSION seeks a Forensic Analyst. As a Forensic Analyst, you will act as an analyst looking for forensic information on different projects assigned to you. Your results will be documented and used for security and risk analysis. You will be responsible for all functions in assessing, developing, and formulating the results of your findings in a professionally readable document provided within the timeframe of the projects start and end date.

This role requires a strong analytic and methodical mindset coupled with a strong ability to relate your findings in an understandable way. In this role you will be both an analyst, script developer, and document creator, — using forensics to detect, understand, and then reproduce steps to recreate findings.

You will have the freedom to innovate new solutions and methods to test theories and capture data. We seek individuals who thrive on exploration and the thrill of solving challenging problems and identifying anomalies.


  • Collaborate in the development of process logic for standards for testing and reporting
  • Contribute to the development of scripts and procedures to help automate and refine testing and analysis
  • Contribute to the body of knowledge for operation of use and testing with many available analysis tools
  • Identify, evaluate, test, reproduce, and document findings in a clear understandable manner
  • Help the team with other resources and share the workload of tasks when needed
  • Set up personal test lab that allows an isolated test environment for analysis of network, software, and hardware identification of changes and differences using network capturing and sandbox analysis tools
  • Collaborate with team to obtain the latest and best tools and latest forensic techniques
  • Working from home will require a lab type of environment for testing in an isolated network environment



  • Prefer a minimum of a Bachelor’s Degree in Computer Science, Computer Engineering, Information Technology or Mathematics.
  • Must be able to pass a Top-Secret Security Clearance background check


  • 3+ years of experience in forensics analytics
  • 2+ years of experience in security-related fields
  • Proficient in Python or other scripting language development
  • Proficient in Linux, Windows, and Mac environments


  • Practical mobile phone forensic analyst skills on hardware and software.
  • Ability to run network and sandbox analysis on Windows, Linux, Mac, Android, iOS, and other platforms.
  • Ability to use compliers and other software analytical tools for different platforms.
  • Strong in tools such as Wireshark, tcpdump, MobSF, Cuckoo, VirtualBox, Sandboxie, Fiddler, and other analysis tools.
  • Strong TCP/UDP/IP networking and protocol understanding, how they work, what they do, and what ports they use.
  • Strong communication skills to relate findings in an understandable and useful way.
  • Strong self-disciplined and self-starter that can think outside of the box and bring fresh insight and experience to the team.
  • Comfortable with Linux shell and common GNU utilities.
  • Ability to analyze, summarize, visualize, and detect anomalies from raw network communications data in a clear and effective manner.
  • Ability to work well in a team environment.
  • Clear, effective writing skills.
  • Kind, passionate, collaborative, driven, smart, self-starter

About Intrusion, Inc.

Intrusion, Inc. is a cybersecurity company based in Plano, Texas. The company offers its customers access to their exclusive threat intelligence database containing the historical data, known associations, and reputational behavior of over 8.5 billion IP addresses. After years of gathering global internet intelligence and working exclusively with government entities, the company released its first commercial product in 2021. Intrusion Shield makes it easy for businesses to incorporate a Zero Trust, reputation-based security solution into their existing infrastructure. Intrusion Shield observes traffic flow and instantly blocks known malicious or unknown connections from both entering or exiting a network, making it an ideal solution for protecting against Zero-Day and ransomware attacks. Incorporating Intrusion Shield into a network can elevate an organization's overall security posture by enhancing the performance and decision-making of other solutions in its cybersecurity architecture.

More information about Intrusion can be found at


  • Competitive salaries and comprehensive benefits
  • On-going learning opportunities within a diverse, inclusive, and rewarding work environment
  • Intrusion is an Equal Employment Opportunity Employer