Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Jobs InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
VP DFIR
Company Aon's Cyber Solutions
Location NY, Chicago, Dallas, Remote
Preferred GIAC Certifications GASF, GCFA, GCTI, GCFE, GREM, GNFA,
Travel 25%
Salary Not provided
URL https://jobs.aon.com/jobs/33710?lang=en-us&previousLocale=en-US
Contact Name 4n6Khaleesi
Contact Email rbrooks/at/strozfriedberg.com
Expires 2020-04-28

Job Description

Aon is looking for a Vice President, Digital Forensics and Incident Response

As part of an industry-leading team, you will help drive results for our clients by delivering innovative and effective solutions. As a Vice President, you will be a leader within the DFIR practice and report directly to a Managing Director. Locations include Chicago, DC, Dallas, NY or Remote.


Your impact as a Vice President:

As a Vice President, you will lead teams of professionals working high-stakes, high-profile incident response investigations for our clients as well as performing hands-on analyses yourself. You are expected to bring significant experience in the cybersecurity and technical consulting industries to bear on your casework. You will scope, coordinate, oversee, and conduct analyses on client engagements which necessarily requires familiarity with ever-evolving technologies. As a leader within the DFIR practice, you will have direct impact and appropriate responsibility for the quality of work produced by the practice as well as identifying and implementing appropriate measures to protect our long-standing reputation as a best-in-class provider of DFIR services.



Job Responsibilities:

Incident Response Investigations
-Lead client engagement efforts from initial scoping calls to report delivery, including developing budgets and working with Engagement Managers to provide regular status updates.
-Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based analysis and lead investigative teams.
-Counsel clients in distress and provide guidance around containment and remediation measures across all major operating systems and network device platforms.
-Produce high quality oral and written work product presenting complex technical issues clearly and concisely.
-Ensure that client matters are staffed adequately and efficiently and that agreed deadlines are met.
-Liaise with external stakeholders, including counsel, vendors, and law enforcement agencies.
-Draft and conduct peer review of expert reports, affidavits, and other expert testimony, as necessary.

People
-Actively support the mentorship and technical development of junior DFIR personnel.
-Supervise other DFIR staff, including coordinating teams of experts, assuring stellar work product, and assisting with performance reviews and mentorship of cybersecurity experts.
-Seek opportunities to broaden expertise of DFIR personnel through in-house and outside training.
-Ensure the smooth functioning of the forensic laboratory under your direct supervision (if applicable); foster teamwork, information sharing, and inter-office collaboration and consistency.

Practice Management
-Collaborate with Marketing and other stakeholders on collateral and thought leadership content.
-Participate in technical meetings and working groups to address issues related to malware security,
vulnerabilities, and issues of cybersecurity and preparedness.


You Bring Knowledge and Expertise

Required Expertise:

-Strong work ethic and even stronger analytic, quantitative, and creative problem-solving abilities.
-Outstanding client service skills and a high level of professionalism.
-Ability to anticipate and respond to changing priorities and operate effectively in a dynamic, demand-based environment, requiring flexibility and responsiveness to client matters and needs.
-Deep experience with most common operating systems (Windows, macOS, Linux, iOS, Android) and their file systems (ext3/4, HFS+, APFS, NTFS, exFAT, etc.).
-Proficiency with industry-standard forensic toolsets, including X-Ways, EnCase, Axiom/IEF, Cellebrite/UFED, and FTK.
-Experience with conducting log analysis of various types of logs, including Windows Event Logs, Apache, IIS, and firewall logs.
-Clarity in written and oral communication.
-Confidence, humility, and a commitment to learning and teaching others in a collaborative environment of talented high performers.
-Comfort with intermittent periods of significant travel, evening and weekend hours.


Preferred Experience:

-GCFE, GCIH, CCE, EnCE or equivalent digital forensics / incident response certification.
-Experience with enterprise cloud infrastructures such as Amazon Web Services, G Suite, Office 365, and Azure.
-Proficiency with database querying and analysis.
-Interest in building intellectual capital for the firm by writing blogs, submitting to CFPs, and creating internal tools for analysis.


Education:

Bachelor’s degree required. 7+ years or more of sustained excellence in the Incident Response industry