Jobs · Legal · New York

Sr. Specialist - Digital Security Investigations

Con Edison · New York, NY · 6 days ago
On-siteLegalOther

Responsibilities

  • Lead complex insider threat digital investigations, with primary focus on OT/ICS environments and support for IT investigations as required.
  • Conduct enterprise-wide forensic evidence collection across IT and OT systems, ensuring accurate, secure, and defensible acquisition with proper chain of custody.
  • Analyze digital artifacts to identify insider threat behaviors, attack vectors, indicators of compromise, timelines, and root causes.
  • Prepare and deliver clear, concise investigative reports and strategic recommendations to technical teams and executive leadership.
  • Serve as a technical subject matter expert (SME) and provide evidence to insider threat investigators and cross-functional partners.
  • Collaborate with cybersecurity teams (CSOC, Red Team, Engineering, Vulnerability Management) and OT operations teams to enhance detection, response, and mitigation of insider risk.
  • Perform advanced forensic analysis, including malware reverse engineering and network traffic analysis using commercial and open-source tools.
  • Research emerging insider threat trends and contribute to the development of alerting, detection logic, and investigative methodologies.
  • Maintain and enhance digital investigation lab capabilities, support protective intelligence efforts as needed, and participate in on-call and emergency response activities.

Qualifications

  • Demonstrated experience conducting digital forensic investigations using commercial and open-source tools is required.
  • Strong understanding of insider threat policies, investigative procedures, and evidence handling, including strict chain of custody practices is required.
  • Proven ability to analyze digital evidence, develop investigation timelines, perform root cause analysis, and draw defensible conclusions is required.
  • Experience producing clear, well-structured reports and briefings for both technical teams and executive leadership is required.
  • Knowledge of evolving insider threat trends, tactics, and threat behaviors is required.
  • Understanding of OT/ICS systems, protocols, and architectures is preferred.
  • Preferred physical security investigative experience.
  • Demonstrated ability to maintain confidential information, strong verbal communication and listening skills, and demonstrated analytical skills are required.
  • Proficient in Microsoft Office including Word, Excel, Outlook, and PowerPoint, etc.
  • Required: Accredited Asset Management Specialist (AAMS); Relevant DFIR Certifications: GCIH, GCIA, GCFE, EnCE, GREM, CFCE or similar.

Similar jobs

Sr. Security Specialist

Dp Solutions IncSecurity, CO· 3 days ago
Information Technology$80k/yrapply on dpsolutions.com