We are seeking a Security Analyst to work in our Forensic Analysis department. We will be conducting highly confidential investigations for a global client list (e.g., data loss, virus outbreak, advanced persistent threats).

Responsibilities
Conduct examinations of digital media (hard drives, mobile phones, etc.).
Capture and analyze network traffic for indications of compromise.
Review log-based data, both in raw form and using SIEM or aggregation tools.
Employ best practices and forensically sound principles such as evidence handling and chain of custody.
Establish timelines and patterns of activity based on multiple data sources.
Identify, document and prepare reports on relevant findings.
Utilize varied forensic software such as FTK, EnCase, Helix, etc.
Effectively communicate with clients to establish timelines, manage expectations, and report findings.

Required Skills
Demonstrated computer forensic investigations experience.
Expert-level knowledge of common attack vectors and penetration techniques.
Solid working knowledge of networking technology and tools: firewalls, proxies, IDS/IPS, encryption.
Demonstrated knowledge of forensic tools such as EnCase, FTK, Helix, Knoppix, Slax, Sleuthkit, SIFT.
Experience with malware analysis (reverse engineering).
Ability to successfully interface with clients.
Event analysis and correlation.
Experience managing large- and small-scale incidents.

Additional Preferred Skills
Strong understanding of networking protocols such as TCP/IP, IPsec, RIP, EIGRP, OSPF.
Experience in a fast-paced consulting organization.
Experience with programming or scripting languages.
Familiarity with SIEM tools such as ArcSight, NitroSecurity, enVision,