Preferred GIAC Certifications: GNFA, GREM, GCFA, GCIH
Contact Name: Ian Day
Our High-Tech Investigations Unit, part of the larger Cybersecurity and Privacy Law Team, is seeking an Incident Readiness and Technology Development Manager to assist in the development and expansion of the High Technology Investigative Unit’s capabilities.
The Incident Readiness and Technology Development Manager will be responsible for the research, development, and validation of incident response and investigative techniques in a rapidly evolving corporate environment. Under certain circumstances, the Manager may be required to assist with cyber incident response or other corporate investigations.
4 plus years of experience responding to cyber incidents in a large corporate/government environment, or 4 plus years of experience comprising digital forensics-related investigations, automation, and engineering.
Knowledge and understanding of network protocols, endpoint/server operating systems, and secure architectures.
Experience performing host, log, memory, and network forensics.
Proficient in Python (preferred) or another programming language.
Familiarity with operating system scripting using Bash or PowerShell.
Advanced experience in the use of Splunk and the Search Processing Language (SPL).
Experience using forensic software suites (X-Ways, EnCase, FTK).
Knowledge of cloud computing platforms, primarily AWS and Microsoft Azure.
Ability to define and continuously improve processes to enhance incident response and investigative operations.
Strong analytical and problem-solving skills.
Strong verbal and written communication skills.
Ability to work independently or on a team.
Bachelor’s Degree in Digital Forensics, Information Security, Computer Science, Information Technology, or a related discipline.
Experience with continuous integration and deployment (CI/CD).
Proficiency in Ansible (preferred), or with other infrastructure automation tools.
Proficiency in cloud computing architecture and incident response.
Proficiency in utilization of APIs for task automation.
GCFE, GCFA, GCIH, GREM, GNFA, GPEN, CISSP, or similar industry-accepted certifications.
Experience reversing and analyzing malicious software.