Information Security Forensic Analyst
Ryder System, Inc. · Coral Gables, FL · 1 wk ago
Information Technology$80k/yrFull-time
About the role
The Information Security Forensic Analyst supports the 24/7 incident response by providing host and network forensic analysis. This role involves investigating security incidents, working closely with various teams, and managing information security incidents.
Responsibilities
- Plans, coordinates, and directs the inventory, examination, and comprehensive technical analysis of computer-related evidence.
- Distills analytic findings into executive summaries and in-depth technical reports.
- Serves as a technical forensic liaison to stakeholders and explains investigations details to include forensic methodologies and protocols.
- Tracks and documents on-site incident response activities and provides updates to leadership throughout the engagement.
- Acquire/collect computer artifacts (e.g., malware, user activity, link files) in support of onsite engagements.
- Correlate forensic findings to network events in support of developing and intrusion narratives.
- Conduct analysis of forensic images, and available evidence in support of forensic write-ups for inclusion in reports and written products.
- Track and document forensic analysis from initial participation through resolution.
- Perform forensic triage of an incident to include determining scope, urgency and potential impact.
- Assists with leading and coordinating forensic preliminary investigations.
- Evaluates, extracts, and analyzes suspected malicious code.
- Triage Electronic devices and assess evidentiary value.
- Be readily available to participate in collaborative threat analysis meetings with internal and external trusted entities.
- Perform other duties as assigned.
Qualifications
- Bachelor's degree required in Information Assurance, Computer Science, Engineering or related technical field.
- Master's degree preferred.
- Advanced technical degree (Information Assurance, Computer Science, Engineering) preferred.
- Three (3) years or more related security systems administration with endpoint, network, application and host-based security solutions.
- Three (3) years or more cybersecurity risk management and/or IT experience.
- Two (2) years or more Cloud computing (e.g., Amazon Web Services, Google Cloud Platform or Microsoft Azure) security configuration and management experience preferred.
- Understanding of System and Application security threats and vulnerabilities advanced required.
- Understanding of proactive analysis of systems and networks, to include creating trust levels of critical resources advanced required.
- Proficiency with common operating systems (e.g, Linux/Unix, Windows) advanced required.
- Experience with several industry standard forensic and digital analysis tools advanced required.
- Knowledge of web application, infrastructure, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development intermediate required.
- Knowledge of Information Security components, principles, practices, and procedures intermediate preferred.
- Information Risk, Privacy, or Security Certification (CISSP, CCSK, CCSP, PCSM) preferred.