Job Description:
IT Security Digital Forensics / Digital Forensic Incident Response Analyst
Seeking a Digital Forensic Investigator to work on our Malware and Forensics team. This position requires a strong technical security professional who will be responsible for conducting highly technical and confidential investigations (e.g. data loss, advanced persistent threats, malware analysis, etc.).
The Digital Forensics Investigator will be responsible for managing the collection of electronically stored information and digital evidence, coordination of internal investigations of business misconduct and reported employee wrongdoing across business units and suppliers, detailed forensic analysis of evidence collected, and providing forensic guidance to leadership.
Essential Duties and Responsibilities
Conduct examination of digital media (hard drives, network traffic, mobile phones, etc.).
Capture / analyze network traffic for indications of compromise.
Review log-based data, both in raw form and utilizing SIEM or aggregation tools.
Employ best practices and forensically sound principles such as evidence handling and chain of custody.
Perform live network assessments using leading packet capture and analysis software tools.
Establish timelines and patterns of activity based on multiple data sources.
Identify, document and prepare reports on relevant findings.
Utilize varied forensic software such as Axiom, FTK, EnCase, IEF, etc.
Effectively communicate with clients to establish timelines, manage expectations, and report findings.
Required Technical and Professional Expertise
At least 3-5 years of experience in IT Security Digital Forensics
Memory forensics
Network forensics
End host forensics
Log analysis
Static and Dynamic malware analysis.
At least 2 years of experience in Incident Response in a global corporate enterprise
Preferred Technical and Professional Expertise
Strong understanding of networking protocols.
Experience in fast-paced investigations.
Experience with programming or scripting languages.
Familiarity with the Splunk SIEM tool is a plus.
Demonstrated system administration skills.
Ability to present highly technical information to non-technical audiences.
Collaborate, build relationships, gain credibility, and partner effectively with others up and down a matrixed organization
Maintain open, honest, and timely communication with personnel involved in investigations/projects
Candidate must also have working familiarity with forensic tools.
Ensure confidentiality of sensitive information is maintained
Conduct research using multiple information and data sources
Provide courtroom testimony when required
Job Types: Full-time, Contract
Schedule: Monday to Friday
Education: Bachelor's (Preferred)
Work Remotely: Yes, temporarily due to COVID-19; later the job is located in Plano, TX.