Systems Engineer and Analysis (Digital Forensics) - Judge Group

Title: Systems Engineer and Analysis

Location: White Plains, NY
Duration: Long Term Contract

JOB DESCRIPTION:

5 days remote....no expectation of days in the office, however, the position does require possible travel to customer onsite locations 10 - 15% of time.

MUST HAVE SKILLS (Most Important):

Are you naturally curious about complex topics that others shy away from? Are you an innovator that is ready to become a pioneer in the information security community? Then look no further! The ** Threat Research Advisory Center consults multinational corporations and government agencies regarding their cybersecurity posture, as well as advising executive leadership teams, advisory boards, and boards of directors through cybersecurity incidents and strategic planning. As a member of this world-class team of consultants located across the Americas, EMEA, and APAC you will be a part of a group that leads thousands of cybersecurity investigations and other proactive engagements. You will also develop data annually that will assist with authoring/drafting the industry-leading Data Breach Investigations Report and Data Breach Digest.

What you’ll be doing:

Working remotely in the continental U.S. as an integral part of a global response team.

Traveling occasionally to perform forensic response and proactive training exercises.

Leading and supporting complex engagements with a variety of clients across a wide range of business verticals.

Leveraging diverse methodologies to investigate cybersecurity incidents, which may include ongoing breach investigations, privacy issues, and non-compliance matters in order to provide an impact assessment and remediation recommendations to clients.

Producing high-quality oral and written work products to present complex technical matters, clearly and concisely to a variety of stakeholders.

You’ll need to have:

Four years of relevant digital forensic, cyber intrusion and incident response work experience, or similar.

A bachelor’s degree from an accredited university (may be substituted for additional years of relevant work experience).

Ability to function in a dynamic environment, managing multiple priorities and deadlines.

Ability to make recommendations to remediate complex security threats.

Ability to synthesize data from multiple sources and present concise, relevant information to a non-technical audience.

Excellent communication skills with the ability to present to a variety of audiences.

Ability to set and manage competing expectations and priorities with technical and senior stakeholders.

Well-developed analytic, qualitative and quantitative reasoning skills ? Demonstrated creative problem-solving abilities and ability to share knowledge with colleagues.

Possess a valid driver’s license.

Willingness to Travel: Comfort with intermittent periods of travel, evening and weekend hours.

Technical Qualifications:

One or more technical certifications in areas such as incident handling, forensic analysis, reverse malware engineering or forensic tool-specific training.

Experience with Developing and managing incident response programs

Network infrastructure and communication protocols

Packet capture and TCP/UDP traffic flow analysis

System and network log analysis

Programming or scripting languages (such as Python, PowerShell, etc.) in an incident handling environment.

Advanced understanding of computer exploitation methodologies.

Current information security solutions and technologies, including network and host-based products  

Implementing NIST information security guidelines

Using forensic tools such as EnCase, FTK, Sleuth Kit, Volatility, Axiom, Cellebrite, Black Light, X-Ways, or similar.

Experience with SIEM, EDR, IDS, and DLP technologies.

Memory and volatile data analysis.

Knowledge in enterprise cloud infrastructure (AWS, G-Suite, O365, Azure, etc.)

Command line tooling (grep, sed, awk, PowerShell, etc.)

Conducting security assessments, penetration testing or ethical hacking.

Managing day-to-day aspects of privileged and confidential customer relationships

Managing remote engagements with a variety of remote communication methods (video conferencing, telephonically and chat based platforms).

An advanced degree in a relevant field of study.

Interest in authoring industry leading thought articles on technical and non-technical topics.

Law enforcement, military intelligence, investigative or professional security services background preferred, but not required.