C4 Technical Services
Cybersecurity Forensic Analyst
C4 Technical Services, Tampa, Florida, us, 33646
Cybersecurity Forensic Analyst Work Location: Remote JOB SUMMARY Cybersecurity Forensic Analyst, under limited supervision, conducts forensic analysis, data recover, eDiscovery and other investigative work. Analysts assist with cybersecurity event response policies, processes and standards for large and complex environments. They are responsible for comprehensive analysis to include recommending appropriate course of action and escalation to various business areas. They perform various cybersecurity examinations of computers and media to identify user activities and collect evidence as an expert in the area of forensic computer science. They assist with cyber event response by cooperating with third-party incident response teams and law enforcement agencies by providing logs, reports, alert notifications, and other requested information. This is a role on the corporate cyber incident response team. Essential Functions The essential functions listed represent the major duties of this role, additional duties may be assigned. Ability to work both independently and as part of a team to conduct forensic analysis to assist with investigations and the drafting of complex reports. An understanding of applicable regulations and frameworks for the United States and Healthcare industry. An understanding of how to acquire, manage and store evidence that can be legally admissible. Technical expertise in performing digital forensics on a variety of media, including hard drives; portable storage (e.g., USB drives, memory cards); smartphones and tablets; and cloud services (SaaS, IaaS) Technical expertise in following industry best practices and standards in digital evidence acquisition, handling and documentation Collaborates with fraud examiners, other IT investigative experts, counsel, human resources (HR) and other IT technical personnel in investigations. Law enforcement investigation experience and understanding of search and seizure Familiar with Forensic analysis of Windows platforms, various UNIX Operating systems. Identify artifact and evidence locations to answer crucial questions, including application execution, file access, data theft, external device usage, cloud services, device geolocation, file transfers, anti-forensics, and detailed system and user activity. Assists in the preparation of detailed technical papers, presentations, recommendations, and findings for Management and other Technology Leaders Periodically provides briefings and presentations to colleagues and leadership supporting analysis of cyber threats Knowledge of tactics, techniques and procedures leveraged by attackers and adversaries (e.g., MITRE ATT&CK) Assists remediation actions as a result of threat and vulnerability assessments or audits Provides training to others on security capabilities, processes, procedures and operational tasks Required Work Experience 5 years related work experience 4 years Cybersecurity (preferably forensics) / 1 years Information Technology Infrastructure Required Education Bachelor's degree or additional related equivalent work experience - Computer Information Systems with Cybersecurity Required Licenses and Certifications GIAC Certified Forensic Analyst (GCFA) or similar Industry Certifications could be required to obtain if converted to FTE Additional Required Qualifications: Strong technical knowledge of security architecture, tools and controls with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and./or threats Strong technical knowledge of security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliances Demonstrated knowledge of information threat analysis and detection concepts and principles and impact Experience working and managing vendor performance and service level agreements Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts. Strong technical knowledge of current systems, software, protocols and standards. (Including TCP/IP and network administration/protocols). Experience developing, documenting and maintaining security procedures. In-depth knowledge of operating systems and security applications Demonstrated ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously. Ability to communicate highly complex technical information clearly and articulately for all levels and audiences. Ability to manage tasks independently and take ownership of responsibilities Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel. Ability to adapt to a rapidly changing environment and quickly identify new trends and industry changes specific to security and advanced cyberattacks Ability to evaluate complex, multi-sourced security intelligence artifacts and summarize for consumption by internal stakeholders. Additional Required Qualifications: Technology related experience with computer operations Manage multiple tasks in a fast-paced changing environment Excellent verbal and written communication and effectively interact with all levels of management Travel as needed as needed to retail centers within the region Exerting up to 50 pounds of force occasionally to move objects. DICE tkettwickc4techservices.com