Jobs · Information Technology · New Jersey

Cyber Defense Forensics Analyst

EY · Hoboken, NJ · 3 wk ago
On-siteInformation TechnologyFull-time

The opportunity

Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents.

Your key responsibilities

  • Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified
  • Forensically analyze end user systems and servers found to have possible indicators of compromise
  • Analysis of artifacts collected during a security incident/forensic analysis
  • Identify security incidents through 'Hunting' operations within a SIEM and other relevant tools
  • Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions
  • Provide consultation and assessment on perceived security threats
  • Maintain, manage, improve and update security incident process and protocol documentation
  • Regularly provide reporting and metrics on case work
  • Resolution of security incidents by identifying root cause and solutions
  • Analyze findings in investigative matters, and develop fact-based reports
  • Be on-call to deliver global incident response

Skills and attributes for success

  • Resolution of security incidents by identifying root cause and solutions
  • Analyze findings in investigative matters, and develop fact-based reports
  • Proven integrity and judgment within a professional environment
  • Ability to appropriately balance work/personal priorities

To qualify for the role you must have

  • Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field
  • 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering;
  • Understanding of security threats, vulnerabilities, and incident response;
  • Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis;
  • Be familiar with legalities surrounding electronic discovery and analysis;
  • Experience with SIEM technologies (i.e. Splunk);
  • Deep understanding of both Windows and Unix/Linux based operating systems;

Ideally, you’ll also have

  • Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH
  • Background in security incident response in Cloud-based environments, such as Azure
  • Programming skills in PowerShell, Python and/or C/C++
  • Understanding of the best security practices for network architecture and server configuration

What we look for

  • Demonstrated integrity in a professional environment
  • Ability to work independently
  • Have a global mind-set for working with different cultures and backgrounds
  • Knowledgeable in business industry standard security incident response process, procedures, and life cycle
  • Excellent teaming skills
  • Excellent social, communication, and writing skills

Similar jobs