Cybersecurity Forensics Investigator

EnCase, ACE, GCFE, Cybersecurity, eDiscovery, Forensics, Incident Response, Certified Forensics, Forensics Expert
Contract W2, 6 Months
Depends on Experience
Work from home available; travel not required

Job Description

Title: Cybersecurity Forensics Investigator

Duration: 6 Months to hire

Location: Franklin, MA – Some days work from home

 

Overview -

This role is needed to support the team, as the workload has increased and the current team member is overloaded. Ideally this role will go permanent next year; we want someone who wants to be with Dell/EMC for a long time. The work is mostly onsite, since it is done in a lab, with some days not onsite. In the past, we have found these resources among people who used to work for law enforcement handling cybersecurity investigations. Candidates need to understand OS internals and how to peel through a laptop, desktop, or server looking for specific artifacts. They will work with CSIRT and IR teams, as this team does the backend forensics and incident response forensics. They have to be able to identify malware and tear it apart to see what it does, to determine what people are trying to steal.

 

Things we’re looking for – reverse engineering for malware (know a lot about system internals), talking about malware, threat intelligence, threat hunting (not looking for first level of defense but those who handle the escalations), anyone with SANS certs, EnCE cert (certified examiner), GCFE certs, any mention of cell phone forensics, well-versed in cloud security (Microsoft cloud security).

 

Job Responsibilities:

Lead small and medium sized investigations, coordinating tasks and resources from corporate legal, ethics, security, and IT teams

Manage multiple investigation requests through the entire lifecycle of Initiation, Data Collection, Analysis, and Data Production

Participate in designing, testing and deployment of new forensic or eDiscovery tools or solutions

Participate on Incident Response teams as forensic SME

Work with vendors for problem resolution

Develop and maintain comprehensive documentation

Standardize process and procedures and provide continual improvement

Perform other duties as required

Prioritizes own work and may have duties instructing, directing, assigning and overseeing work of more junior team members

Manager usually provides the problem for this individual to develop appropriate solutions

Specializes in security operations in one area

Works on cybersecurity problems that have medium to high complexity, with particular emphasis on security operations

Selects methods and techniques for identifying and advocating effective security solutions

Maintains and optimizes tools, processes, documentation, reporting, and technologies, and defines success criteria for their effective usage

Participates in reviews of available tools, technologies, and processes to secure all aspects of the enterprise

 

Required Skills:

Degree in IT or 5+ years of enterprise IT experience

Understands advanced concepts of investigations, evidence handling and computer forensics

Experience with one or more major computer forensic products in an enterprise environment

Experience with SQL based database platforms

Problem solving and analytical skills

Ability to read, write and speak English

Good written and oral communication skills

Must work well independently and with others as part of larger team and be able to collaborate on cross functional teams

 

Desired Skills:

6+ Years Cybersecurity Experience

Working knowledge of system events and associated logs

Experience working with MS Windows Desktop and Server operating systems

Experience working with Linux/Unix

Experience working with Microsoft’s O365 environment

Familiar with Data Privacy laws and the associated security requirements

ITIL experience, certification preferred.

EnCase, ACE or GCFE certification.

CISSP or similar Security certifications

 

Accountabilities:

Works on cybersecurity problems that may be diverse and highly complex, with particular emphasis on security operations.

Selects methods and techniques for identifying and advocating effective security solutions.

Specializes in security operations in one or more areas, including network, host, database, application, event management, cloud, cryptography, identity, and other emerging technology.

Participates in reviews of available tools, technologies, and processes to secure all aspects of the enterprise.

Maintains and optimizes tools, processes, documentation, reporting, and technologies, and defines success criteria for their effective usage.

Deploys tools, processes, documentation, and technologies, and defines success criteria for their effective usage.

 

Best,

Kushal Shah

APN Software Service INC

Dice Id : apn
Position Id : Dell_39449
Originally Posted : 2 months ago