Incident Response Forensic Analyst - New York
AccessData - Valhalla, NY

About AccessData Incident Response Services

AccessData is seeking qualified candidates to join our growing team as Incident Response Forensics Analysts. Our incident responders have backgrounds as government and Fortune 100 cyber security practitioners, and our services are regularly enlisted by some of the largest organizations in the world to deal with complex and sophisticated compromises. Because AccessData is also a leading cyber security software developer, our clients have the benefit of working with services experts who have unmatched expertise in the technology and the support of our development team behind them.

Essential Duties and Responsibilities

Conduct highly confidential investigations for a global client list (e.g., data loss, virus outbreak, advanced persistent threats)

Conduct examination of digital media (hard drives, mobile phones, etc.)

Capture / analyze network traffic for indications of compromise

Review log-based data, both in raw form and utilizing SIEM or aggregation tools

Employ best practices and forensically sound principles such as evidence handling and chain of custody

Establish timelines and patterns of activity based on multiple data sources

Identify, document and prepare reports on relevant findings

Utilize varied forensic software such as FTK, EnCase, Helix, etc.

Effectively communicate with clients to establish timelines, manage expectations, and report findings

Required Knowledge, Skills and Abilities

Demonstrated computer forensic investigations experience

Expert-level knowledge of common attack vectors and penetration techniques

Solid working knowledge of networking technology and tools, firewalls, proxies, IDS/IPS, encryption

Demonstrated knowledge of forensic tools such as EnCase, FTK, Helix, Knoppix, Slax, Sleuthkit, SIFT

Experience with malware analysis (reverse engineering)

Excellent technical writing and presentation skills

Ability to successfully interface with clients

Event analysis and correlation

Experience managing large and small scale incidents

Additional Preferred Skills

Strong understanding of networking protocols such as TCP/IP, IPSEC, RIP, EIGRP, OSPF

Experience in a fast-paced consulting organization

Experience with programming or scripting languages

Familiar with SIEM tools such as ArcSight, NitroSecurity, enVision, etc.

Demonstrated system administration skills

Education / Experience

Bachelor’s degree in computer science, digital forensics or related technical discipline or demonstrated equivalent work experience.

Minimum 5 years required in digital forensics and/or security, with 2 years desired in incident response

Preference given to candidates with current relevant industry certifications (ACE, EnCE, CFCE, CCE, DFCP, GCIA, GCIH, GREM, CSIH, etc.)

Note: Successful candidate will be required to obtain AccessData ACE certification within 1 year
