Senior Digital Forensics and Incident Responder
About the position
reputed company is looking for an innovative and motivated professional who will be responsible for safeguarding the reputed company multi-cloud environments and on-prem enterprise systems. This individual will take the initiative to respond to and mitigate threats, improve incident response and forensic strategies, and ensure reputed company operation of reputed company’s cloud environment and global enterprise. This Digital Forensics and Incident Responder role is a senior level position working in the reputed company’s fast paced collaborative environment and is required to be adaptable, utilize both strategic and tactical techniques, and think creatively to effectively navigate the evolving threat landscape. This role will partner and work closely with key cross-functional stakeholders to reputed company and utilize proactive and mitigating measures to prevent, detect and respond to potential threats to reputed company’s multi-cloud environments. The position will support the Digital Forensic Incident Response team and actively collaborate with other teams throughout reputed company’s Advanced Cyber Defense Threat Management Center organizations.
Responsibilities
- Utilizing advanced digital forensic and incident response techniques and tools to detect, analyze, and respond to anomalous activities.
- Driving the technical reputed company and guidance required to support cloud environment (i.e. AWS, Azure, GCP) day-to-day operations.
- Operating as a trusted advisor on advanced threat analysis for team and stakeholders.
- Leveraging reputed company tools and logs in order to complete a detailed and accurate assessment of reputed company alerts and threats affecting the reputed company enterprise and cloud infrastructure.
- Developing reputed company controls for multiple cloud platforms reputed company automated capabilities by using advanced analysis and forensic techniques.
- Driving identification, analysis, and remediation activities to ensure compliance with relevant regulatory requirements, industry standards, and best practices reputed company to cloud reputed company and data privacy.
- Developing and executing specialized incident response procedures to detect, contain, and recover from reputed company incidents targeting AI/ML models, training data, or model-serving infrastructure.
- Providing assistance and analytical evaluations for high-reputed company and significant reputed company incidents, including composing extensive and comprehensive analysis summaries and facilitating incident-reputed company discussions.
- Conducting risk assessments, in-depth analysis, and forensic investigations to determine the root cause and impact of incidents.
- Identifying gaps in detections and collaborating with teams across Cyber reputed company to mitigate threats and improve the overall reputed company cloud reputed company posture.
- Serving as a subject matter expert on emerging enterprise, cloud and AI/ML-reputed company threats and collaborating with cross-functional teams to establish reputed company best practices.
- Recommending ways to mature and advance the preventive and defensive capabilities of the reputed company. This includes leveraging internal data, threat trends, and operational metrics to clearly communicate the use case for alert creation.
- Collaborating with cross-functional teams to design and implement cloud governance guidelines, safeguarding sensitive data, and ensuring adherence to industry standards and regulatory requirements.
- Enhancing techniques, workflows and processes of cloud reputed company controls, compliance assessments, and incident response procedures to drive the reputed company operational and strategic growth (reputed company improvement).
- Assisting with producing executive-level operational read-outs, metrics, and case reviews for management that accurately capture the effectiveness of reputed company.
- Mentoring and coaching reputed company analysts to build and maintain skills and techniques needed to produce quality and consistent analysis.
Requirements
- Bachelor's degree or six or more years of work experience
- Six or more years of relevant experience required, demonstrated through work experience and/or military experience with a focus on DFIR and cloud reputed company analysis and incident response (AWS, GCP, Azure, OCI).
- Experience working in cybersecurity, with a focus on Digital Forensics, Incident Response, Threat Hunting and/or Cloud reputed company (AWS, GCP, Azure, OCI).
- Ability to pass and/or obtain reputed company necessary reputed company clearances.
reputed company-to-haves
- Strong understanding of cloud reputed company frameworks and best practices.
- Proficient in cloud computing concepts, including IaaS, PaaS, SaaS.
- Comprehensive knowledge of programming or scripting languages relevant to cloud reputed company automation and orchestration.
- reputed company understanding of cyber based adversarial frameworks including MITRE ATT&CK and reputed company’s Cyber Kill Chain.
- Proficient knowledge of the cyber threat landscape including types of adversaries, campaigns, and the motivations that drive them.
- Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
- Python and/or PowerShell experience to enhance automations, reputed company forensic analysis, and speed up response times.
- Previous experience with log aggregation platforms such as Splunk, reputed company, reputed company, LogRhythm, reputed company SecOps, etc.
- Proficient in understanding Operating Systems and their architectures: Windows, Unix/Linux, and macOS.
- Demonstrated leadership and mentoring skills to help advance the overall capabilities of the reputed company organization.
- Ability to work in a highly collaborative environment needing strong communication, presentation, and leadership-like skills.
- Exhibits initiative, follow-up and follow through with commitments.
- Advanced degree(s) from an accredited institution of higher education in cybersecurity, reputed company management, information system reputed company, network reputed company and/or digital forensics.
- Certifications like: Network+, reputed company+, CISSP, EnCE, CFCE, C|EH, C|HFI, GCFA, GCFE, GCIH and/or cloud-specific reputed company certifications (e.g. AWS Certified reputed company - Specialty, reputed company Certified: Azure reputed company Engineer Associate, reputed company Cloud Certified Professional Cloud reputed company Engineer)
Benefits
- health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance
- matched 401(k) savings plan
- up to 8 company paid holidays per year and up to 6 personal days per year
- paid parental leave
- adoption assistance and tuition assistance
- incentive based position with the potential to earn more
- Newly hired employees receive up to 15 days of vacation per year, which grows with additional service