The Forensic Investigator will conduct in-depth analyses of network intrusions and cybersecurity incidents to determine root cause, scope, and impact.
Core Responsibilities
- Investigate network intrusions and other cybersecurity breaches to identify the origin, tactics, and extent of compromise, utilizing both host-based and network-based forensic methodologies.
- Research and innovate new techniques and procedures to advance and refine the digital forensics lifecycle.
- Author clear, concise, and high-quality technical reports that accurately present complex investigative findings.
- Manage and maintain forensic analysis laboratories and the suite of tools essential for investigations.
- Preserve and collect digital evidence in accordance with industry best practices and legal standards for evidence integrity.
- Provide direct investigative support to the Cyber Emergency Response Team during critical incidents.
Mandatory Qualifications (Required For Consideration)
- A minimum of 4 years of hands-on experience in a Threat Management, Forensic Investigations, and/or Incident Response setting.
- Demonstrated proficiency in conducting digital forensic investigations across multiple platforms and operating systems, with a comprehensive understanding of forensic processes and tools.
Desired Qualifications
- Practical experience with a broad array of forensic tools (e.g., FTK, X-Ways, SIFT, AXIOM, EnCase).
- Experience with memory analysis tools (e.g., Volatility, MemProcFS).
- Proficiency with Linux and open-source forensic utilities.
- Hands-on experience investigating intrusions in Windows and Linux/Unix environments.
- Experience performing forensic evidence collection in cloud environments (AWS, Azure, GCP).
- Knowledge of evidence acquisition from computer systems and electronic devices.
- Familiarity with virtualized environments.
- Understanding of forensic imaging techniques and standards.
- Deep knowledge of operating system artifacts for Microsoft Windows, Linux/UNIX, and macOS.
- Understanding of various file systems.
- Exceptional analytical and problem-solving skills.
Skills: Azure, X-Ways, AWS, Forensic Toolkit (FTK), forensic analysis, SIFT, digital, Unix, EnCase, cloud, investigative reporting, AXIOM, Linux, cybersecurity, artifacts, Windows