We are seeking an IT Forensic Analyst to join the Security Intelligence Center Division of Information Technology.
The Security Intelligence Center Division is responsible for providing security operations, including a 24/7 Security Operations Center (SOC), cyber intelligence, forensic services, and network and endpoint protections, as well as running the Security Information and Event Management (SIEM), Log Management System (LMS) and Cyber Intelligence Management System (CIMS) platforms.
The IT Forensic Analyst's primary role is to forensically analyze host, memory, network and security logs and/or reverse-engineer malware in an active large-scale enterprise to detect malicious activity. You will participate in incident response activities in a team environment and author technical reports on forensic and incident response findings to drive remediation and enhanced protections.
As the successful candidate, you will hold a Bachelor’s degree in Computer Science from a recognized and approved program. An advanced degree is preferred.
You will have ten or more years of experience in Information Technology, including at least six in information security. You must have a strong understanding of security concepts, best practices, and tools such as EnCase, AccessData, and FTK. You will be able to demonstrate familiarity with common protocols such as DNS, DHCP, LDAP, SNMP, SMTP, HTTP, and SSL. You will also need to communicate effectively, work well in a team, and perform under pressure in a fast-paced, dynamic environment. Two or more of the following certifications (or similar certifications, or equivalent academic courses in higher education) are also necessary:
– GIAC Certified Forensic Analyst
– GIAC Certified Forensic Examiner
– Certified Ethical Hacker (CEH)
– GIAC Certified Penetration Tester (GPEN)
– GIAC Assessing Wireless Networks (GAWN)
– GIAC Systems and Network Auditor (GSNA)
– GIAC Information Security Professional (GISP)
– Computer Hacking Forensic Investigator
– EC-Council Certified Security Analyst
– GIAC Certified Enterprise Defender (GCED)
Duties and Responsibilities
You will be required to perform the following:
Analyze malware code in support of incident analysis and response.
Perform dynamic and static analysis of malware.
Provide malware code analysis findings in technical analysis reports.
Conduct cybersecurity system forensic investigations and analysis.
Conduct forensic sweeps and collective examinations of compromised systems.
Generate security operational summaries and reports.
Provide guidance to security analysts and Operations staff on system security-related aspects.