Principal Digital Forensics Analyst

Full Time

    Skills

    • Analyst
    • Architect
    • Computer
    • IT
    • Security
    • Network
    • Engineering

    Job Description

    Principal Digital Forensics Analyst in Charlotte, North Carolina

    Posted 04/12/21

    TEAM YOU'LL BE JOINING:
    • Diversified Fortune 100 healthcare company
    • Over $60 billion in revenue, focused on providing local solutions to ensure accessibility, quality, and culturally attentive healthcare programs
    • Voted one of Fortune's Most Admired Companies for 2019

    WHAT THEY OFFER YOU:
    • A career focused on developing your skillset while providing value through new ideas and innovative thinking
    • Employee development and growth opportunities: learn new skills, cross paths with other disciplines, and grow within the organization
    • Collaborative environment, work with a team to provide quality healthcare solutions coast-to-coast
    • Work with purpose every day in an environment built around helping others
    • Excellent benefits package including Medical, Dental, and Vision coverage in addition to other benefits such as tuition reimbursement/educational assistance, paid company holidays, and adoption reimbursement.

    WHAT YOU WILL DO:
    • Plan and build capabilities to establish and mature the forensics program.
    • Conduct detailed technical analysis of internal systems to find indicators of compromise, identify malicious activity, establish timelines of events, and propose technical fixes.
    • Architect, design and build forensic process and technology. Provide requirements and assist team in building Forensics lab to meet needs of the program.
    • Establish and mature forensic program. Incorporate best in class process and technology from Digital Forensics Incident Response (DFIR) community.
    • Collect, preserve, and analyze digital evidence from electronic data sources, including laptops, desktops, servers, and infrastructure devices.
    • Investigate incidents leveraging common forensics tools to analyze memory, hard drive, malware, and network based artifacts.
    • Prepare and review written technical reports that document case findings and lead the internal development of DFIR policies and procedures.

    QUALIFICATIONS:
    • Bachelor's degree in Computer Science, IT, Security, Forensics or related field.
    • 7+ years of cyber security, forensics, incident response, or threat hunting experience.
    • Creation of Intelligence Reports and Products
    • Data source identification, collection, enrichment, and analysis; endpoint and network security analysis
    • Creation, research and mitigation of memory corruption vulnerabilities and exploits
    • Malware analysis or Reverse Engineering
    • Splunk (SIEM) experience in custom queries, searches, creating correlated alerts, and dashboard creation
    • Nessus or Nexpose vulnerability scanning, configuration and report generation experience