CyFIR, LLC (https://www.cyfir.com/)
Join our growing team as we pursue our vision to make rapid, remote digital forensics and incident response accessible, usable, and valuable to businesses to improve their resiliency to cyberattack. Offering unparalleled speed to resolution, the CyFIR Enterprise platform from CyFIR LLC gives customers the tools to rapidly identify, understand, and eliminate threats to their computing platforms. At CyFIR, we're committed to our work, our customers, and our shared successes.
We're small and every team member counts, so you'll have tremendous ownership, influence, and impact on the products you foster. At CyFIR, we take on new challenges in the cyber security landscape daily, and you'll have a broad opportunity to develop and grow in a dynamic field. You'll work with a small but top-tier set of dedicated peers, and you'll help build interesting cyber defensive and investigative products that protect the businesses and services we all use. We offer a collaborative work environment, dress casually, and enjoy flexible hours. We also think personal development and mentoring are important, and we strongly believe that everyone can learn something from everyone else.
Role and Responsibilities
This position will perform computer security incident response team and investigative activities, including:
- Responding to computer security incidents
- Gathering forensic evidence
- Analyzing events based on digital artifacts
- Determining mitigation/remediation/security improvement opportunities
- Working with stakeholders to communicate findings
Execute timely, thorough, and effective incident handling/forensic investigations and threat hunting activities.
Utilize CyFIR technology to conduct large scale forensic investigations.
Provide mitigation services for identified threats and security incidents.
Maintain evidence integrity and chain of custody during digital forensic acquisitions and analysis.
Complete thorough documentation for incident investigations including root cause analysis, relevant forensic artifacts, and technical and procedural lessons learned.
Identify innovative opportunities for data forensics and incident response (DFIR) tools and processes, which enable rapid analysis and response to security incidents at enterprise scale.
Deliver presentations and briefings regarding relevant security incidents and findings to senior management.
Create and maintain documentation for DFIR including technical procedures, detailed diagrams, pertinent metrics, and reporting templates.
Ensure efficient and effective risk and compliance management practices by adhering to required industry standards and processes.
Collaborate with DFIR teammates, members of operations, and other internal teams. Work closely with product team, senior leadership, security operations, and security engineering.
Qualifications and Education Requirements
Bachelor's degree in Computer Science or related field. Technical trade school or practical experience in lieu of degree will be considered.
5+ years information security experience primarily consisting of forensic analysis, incident response/management, and malware reverse engineering.
Proficiency with DFIR investigative tools, techniques, and reporting, including network forensics and malware reverse engineering.
Familiarity with Windows, macOS, and Linux disk and memory analysis.
Proficiency in at least one scripting language.
Multidisciplinary background in information technologies such as enterprise web applications, operating system internals, computer programming, networking, firewalls, and system administration.
The following certifications: CISSP, CIAC, GCFE, GCFA, GREM, GCIA, GNFA, CEH, CRISC, CISM, ECSA.
Familiarity with electronic discovery practices and previous legal work a plus.