C4 Technical Services
Cybersecurity Forensic Analyst
C4 Technical Services, Tampa, Florida, us, 33646
Cybersecurity Forensic AnalystWork Location: Remote
JOB SUMMARYCybersecurity Forensic Analyst, under limited supervision, conducts forensic analysis, data recover, eDiscovery and other investigative work. Analysts assist with cybersecurity event response policies, processes and standards for large and complex environments. They are responsible for comprehensive analysis to include recommending appropriate course of action and escalation to various business areas. They perform various cybersecurity examinations of computers and media to identify user activities and collect evidence as an expert in the area of forensic computer science. They assist with cyber event response by cooperating with third-party incident response teams and law enforcement agencies by providing logs, reports, alert notifications, and other requested information.
This is a role on the corporate cyber incident response team.
Essential FunctionsThe essential functions listed represent the major duties of this role, additional duties may be assigned.
Ability to work both independently and as part of a team to conduct forensic analysis to assist with investigations and the drafting of complex reports.An understanding of applicable regulations and frameworks for the United States and Healthcare industry.An understanding of how to acquire, manage and store evidence that can be legally admissible.Technical expertise in performing digital forensics on a variety of media, including hard drives; portable storage (e.g., USB drives, memory cards); smartphones and tablets; and cloud services (SaaS, IaaS)Technical expertise in following industry best practices and standards in digital evidence acquisition, handling and documentationCollaborates with fraud examiners, other IT investigative experts, counsel, human resources (HR) and other IT technical personnel in investigations.Law enforcement investigation experience and understanding of search and seizureFamiliar with Forensic analysis of Windows platforms, various UNIX Operating systems.Identify artifact and evidence locations to answer crucial questions, including application execution, file access, data theft, external device usage, cloud services, device geolocation, file transfers, anti-forensics, and detailed system and user activity.Assists in the preparation of detailed technical papers, presentations, recommendations, and findings for Management and other Technology LeadersPeriodically provides briefings and presentations to colleagues and leadership supporting analysis of cyber threatsKnowledge of tactics, techniques and procedures leveraged by attackers and adversaries (e.g., MITRE ATT&CK)Assists remediation actions as a result of threat and vulnerability assessments or auditsProvides training to others on security capabilities, processes, procedures and operational tasks
Required Work Experience
5+ years related work experience4+ years Cybersecurity (preferably forensics) / 1+ years Information Technology Infrastructure
Required Education
Bachelor's degree or additional related equivalent work experience - Computer Information Systems with Cybersecurity
Required Licenses and Certifications
GIAC Certified Forensic Analyst (GCFA) or similarIndustry Certifications could be required to obtain if converted to FTE
Additional Required Qualifications:
Strong technical knowledge of security architecture, tools and controls with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and./or threatsStrong technical knowledge of security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliancesDemonstrated knowledge of information threat analysis and detection concepts and principles and impactExperience working and managing vendor performance and service level agreementsKnowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.Strong technical knowledge of current systems, software, protocols and standards. (Including TCP/IP and network administration/protocols).Experience developing, documenting and maintaining security procedures.In-depth knowledge of operating systems and security applicationsDemonstrated ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously.Ability to communicate highly complex technical information clearly and articulately for all levels and audiences.Ability to manage tasks independently and take ownership of responsibilitiesStrong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.Ability to adapt to a rapidly changing environment and quickly identify new trends and industry changes specific to security and advanced cyberattacksAbility to evaluate complex, multi-sourced security intelligence artifacts and summarize for consumption by internal stakeholders.
Additional Required Qualifications:
Technology related experience with computer operationsManage multiple tasks in a fast-paced changing environmentExcellent verbal and written communication and effectively interact with all levels of managementTravel as needed as needed to retail centers within the regionExerting up to 50 pounds of force occasionally to move objects.
#DICEtkettwick@c4techservices.com
JOB SUMMARYCybersecurity Forensic Analyst, under limited supervision, conducts forensic analysis, data recover, eDiscovery and other investigative work. Analysts assist with cybersecurity event response policies, processes and standards for large and complex environments. They are responsible for comprehensive analysis to include recommending appropriate course of action and escalation to various business areas. They perform various cybersecurity examinations of computers and media to identify user activities and collect evidence as an expert in the area of forensic computer science. They assist with cyber event response by cooperating with third-party incident response teams and law enforcement agencies by providing logs, reports, alert notifications, and other requested information.
This is a role on the corporate cyber incident response team.
Essential FunctionsThe essential functions listed represent the major duties of this role, additional duties may be assigned.
Ability to work both independently and as part of a team to conduct forensic analysis to assist with investigations and the drafting of complex reports.An understanding of applicable regulations and frameworks for the United States and Healthcare industry.An understanding of how to acquire, manage and store evidence that can be legally admissible.Technical expertise in performing digital forensics on a variety of media, including hard drives; portable storage (e.g., USB drives, memory cards); smartphones and tablets; and cloud services (SaaS, IaaS)Technical expertise in following industry best practices and standards in digital evidence acquisition, handling and documentationCollaborates with fraud examiners, other IT investigative experts, counsel, human resources (HR) and other IT technical personnel in investigations.Law enforcement investigation experience and understanding of search and seizureFamiliar with Forensic analysis of Windows platforms, various UNIX Operating systems.Identify artifact and evidence locations to answer crucial questions, including application execution, file access, data theft, external device usage, cloud services, device geolocation, file transfers, anti-forensics, and detailed system and user activity.Assists in the preparation of detailed technical papers, presentations, recommendations, and findings for Management and other Technology LeadersPeriodically provides briefings and presentations to colleagues and leadership supporting analysis of cyber threatsKnowledge of tactics, techniques and procedures leveraged by attackers and adversaries (e.g., MITRE ATT&CK)Assists remediation actions as a result of threat and vulnerability assessments or auditsProvides training to others on security capabilities, processes, procedures and operational tasks
Required Work Experience
5+ years related work experience4+ years Cybersecurity (preferably forensics) / 1+ years Information Technology Infrastructure
Required Education
Bachelor's degree or additional related equivalent work experience - Computer Information Systems with Cybersecurity
Required Licenses and Certifications
GIAC Certified Forensic Analyst (GCFA) or similarIndustry Certifications could be required to obtain if converted to FTE
Additional Required Qualifications:
Strong technical knowledge of security architecture, tools and controls with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and./or threatsStrong technical knowledge of security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliancesDemonstrated knowledge of information threat analysis and detection concepts and principles and impactExperience working and managing vendor performance and service level agreementsKnowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.Strong technical knowledge of current systems, software, protocols and standards. (Including TCP/IP and network administration/protocols).Experience developing, documenting and maintaining security procedures.In-depth knowledge of operating systems and security applicationsDemonstrated ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously.Ability to communicate highly complex technical information clearly and articulately for all levels and audiences.Ability to manage tasks independently and take ownership of responsibilitiesStrong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.Ability to adapt to a rapidly changing environment and quickly identify new trends and industry changes specific to security and advanced cyberattacksAbility to evaluate complex, multi-sourced security intelligence artifacts and summarize for consumption by internal stakeholders.
Additional Required Qualifications:
Technology related experience with computer operationsManage multiple tasks in a fast-paced changing environmentExcellent verbal and written communication and effectively interact with all levels of managementTravel as needed as needed to retail centers within the regionExerting up to 50 pounds of force occasionally to move objects.
#DICEtkettwick@c4techservices.com