Senior Forensics Examiner
Posted on Sep 13, 2019 by Request Technology
A prestigious company is searching for a Sr. Forensics Examiner. This person is responsible for post-breach incident response, including host-based analysis of Windows, Linux, and Mac OS X systems to identify indicators of compromise (IOCs). This person needs experience with tools including EnCase, FTK, X-Ways, Axiom, SIFT, and Splunk to find the source of compromises and malicious activity.
- Regularly perform post-breach incident response functions, including but not limited to host-based analysis of Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
- Examine firewall, web, database, and other log sources to identify evidence of malicious activity, working end-to-end IR cases and investigations while regularly performing host-based analysis.
- Investigate data breaches using forensic tools including EnCase, FTK, X-Ways, Axiom, SIFT, and Splunk to determine the source of compromises and the malicious activity that occurred.
- Mentor team members in incident response and forensics best practices.
- Testify in court, before a grand jury, or in other legal proceedings through testimony, sworn affidavits, or other legal instruments.
- Conduct live and dead-box acquisitions of computer systems, servers, mobile devices, and digital media.
- Maintain the operational effectiveness of all hardware, software, and forensic support equipment.
- Maintain proper chain of custody of evidence and associated documentation.
- 8+ years of incident response or digital forensics experience
- Experience conducting triage, collection, and analysis involving intrusion/breach incidents
- Proficient with host-based and server forensics pertaining to data breach response
- Experienced with EnCase, FTK, X-Ways, Axiom, SIFT, Splunk, Redline, Volatility, Wireshark, tcpdump, and open-source forensic tools
- Incident response experience
- Scripting (PowerShell, Python, etc.)
- Malware analysis
- Bachelor's Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field