Digital Forensics

**About the Role**

The Digital Forensics & Incident Response (DFIR) Analyst will work to address security incidents, hunt down security risks or incidents within the environment, and act as a supporting team member in Cyber Defense. This position requires a good understanding of technology, tools, policies, and standards related to security systems and incident response. The incumbent must be competent to work at a proficient technical level of digital forensic, security incident response, and malware analysis, capable of identifying vectors of threats and security incidents, able to remediate or coordinate incident response efforts, and develop documentation to support the security incident response process. Risk assessment techniques and good communication skills are a plus.

**Key** Responsibilities**
- Lead investigate, coordinate, bring to resolution, and report on security incidents as they are escalated or identified
- Forensically analyze end user systems and servers found to have possible indicators of compromise
- Analysis of artifacts collected during a security incident/forensic analysis
- Identify security incidents through ‘Hunting’ operations within a SIEM and other relevant tools
- Interface and communicate with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions
- Provide consultation and assessment on perceived security threats
- Maintain, manage, improve and update security incident process and protocol documentation
- Regularly provide reporting and metrics on case work
- Must be willing to be on-call off hours in rotation with other team members

**Experience & Skills**
- 6-8 years of experience in Information Security, at least 3 years of them in the The Digital Forensics & Incident Response field
- Demonstrated integrity in a professional environment
- Global mind-set for working with different cultures and backgrounds
- Knowledgeable in business industry standard security incident response process, procedures, and life-cycle
- Excellent teaming skills
- Good social, communication, and writing skills

**Minimum Qualifications**

Any combination of education and experience that would likely provide the required knowledge, skills, and abilities as well as possession of any required licenses or certifications is qualifying
- Strong knowledge of industry standards and best practices for Information Security
- Ability to set and manage priorities judiciously
- Excellent written and oral communication skills
- High Emotional Intelligence (interpersonal skills)
- Must have experience in performing security incident response and/or digital forensic analysis in support of security incident response

**Education**
- B.S. degree in Computer Science or related technical discipline or any other college discipline with additional 2 years of Information Security experience and CISSP certification.

**Certifications**
- Certifications such as GCFA, GNFA, GCIA, and/or GCIH.

aH4bmVnhHy