Digital Forensic Incident Response Analyst

  • Location: Plano, Texas, 75024
  • Salary: 55.0
  • Job Type: Contract

Posted 7 days ago

This international network integration leader has an immediate 6-12+ month contract opportunity in Plano, TX for a Digital Forensic Incident Response Analyst. The role will be remote initially, but the candidate must be available to work onsite in Plano, TX in the future. The company is seeking a Digital Forensic Investigator to work on the Malware and Forensics team. This position requires a strong technical security professional who will be responsible for conducting highly technical and confidential investigations (e.g. data loss, advanced persistent threats, malware analysis, etc.).

The Digital Forensics Investigator will be responsible for managing the collection of electronically stored information and digital evidence, coordination of internal investigations of business misconduct and reported employee wrongdoing across business units and suppliers, detailed forensic analysis of evidence collected, and providing forensic guidance to leadership.

RESPONSIBILITIES:

 

  • Conduct examination of digital media (hard drives, network traffic, mobile phones, etc.).

  • Capture / analyze network traffic for indications of compromise.

  • Review log-based data, both in raw form and utilizing SIEM or aggregation tools.

  • Employ best practices and forensically sound principles such as evidence handling and chain of custody.

  • Perform live network assessments using leading packet capture and analysis software tools.

  • Establish timelines and patterns of activity based on multiple data sources.

  • Identify, document and prepare reports on relevant findings.

  • Utilize varied forensic software such as Axiom, FTK, EnCase, IEF, etc.

  • Effectively communicate with clients to establish timelines, manage expectations, and report findings.


REQUIRED TECHNICAL AND PROFESSIONAL EXPERTISE:

  • At least 3-5 years of experience in IT Security Digital Forensics

  • Memory forensics

  • Network forensics

  • End host forensics

  • Log analysis

  • Static and Dynamic malware analysis.

  • At least 2 years of experience in Incident Response in a global corporate enterprise


PREFERRED TECHNICAL AND PROFESSIONAL EXPERTISE:

  • Certified in EnCE, CFCE, CCE, DFCP, GCIA, GCIH, GREM, CSIH

  • Strong understanding of networking protocols.

  • Experience in fast-paced investigations.

  • Experience with programming or scripting languages.

  • Familiarity with the Splunk SIEM tool is a plus

  • Demonstrated system administration skills.

  • Ability to present highly technical information to non-technical audiences.

  • Collaborate, build relationships, gain credibility, and partner effectively with others up and down a matrixed organization

  • Maintain open, honest, and timely communication with personnel involved in investigations/projects

  • Candidate must also have working familiarity with forensic tools

  • Ensure confidentiality of sensitive information is maintained

  • Conduct research using multiple information and data sources

  • Provide courtroom testimony when required