girl looking into her desktop
Back to search results

Digital Forensics Lead - Cyber Security Defense - B4

Denver, Colorado;

Job Description:

The Senior Digital Forensics Specialist works within Cyber Security Defense organization and collaborates with the Incident Response Team. This is a highly visible role with the responsibility for briefing leadership on the outcomes of your investigations. This role focuses on:

  • Developing tooling and capabilities to scale forensic investigations across cloud, enterprise, and endpoint environments
  • Researching and remaining current on various attacker methodologies
  • Performing forensics remotely and in cloud environments
  • While possible, this role is not focused traditional dead-box forensics. To be successful in this role, it requires broad technical capabilities across multiple disciplines supporting incident response ranging from the ability to build and automate tooling, analyzing custom logs, understanding multiple OSs, mobile and integrating technical incident response into a multi-cloud environment
  • Strong technical acumen is necessary along with critical thinking and the ability to convey highly technical evidence and data-driven conclusions to senior leaders.

Responsibilities include, but are not limited to:
•    You will independently lead technical investigations and perform digital forensics in a broad range of environments to include the cloud
•    Help identify and develop ways to improve the team's production and efficiency by accelerating on our existing tools and processes
•    Develop tools and infrastructure to scale digital forensics/incident response across cloud environments
•    Actively participate in DFIR exercises 
•    Perform root cause analysis 
•    Assist with the mentoring, training, and development of junior staff
•    Compose official forensic documentation (analysis reports, inventories, and timelines) for significant events
•    While this is an individual contributor role, Senior Digital Forensics Specialists are assigned managerial tasks to act as the proxy for the control owner when that individual is not available (to include meetings with leadership, compliance, audit, and other stakeholders and partners).
Requirements
•    3+ years of experience leading technical investigations
•    Deep understanding of attacker methodologies
•    Hands on experience with forensics and investigating intrusions in AWS, GCP, and Azure and other cloud environments
•    Expert knowledge system internals knowledge of Windows, MacOS, and Linux
•    Experience with virtualization (e.g. VMware)
•    Efficient report writing skills for varied audiences including both management and technical.

Certification in EnCase (EnCE) or an equivalent forensic certification is required within the first year of employment. 

This role is for Mountain / Pacific time zone support

Job Band:

H4

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

The Senior Digital Forensics Specialist works within Cyber Security Defense organization and collaborates with the Incident Response Team. This is a highly visible role with the responsibility for briefing leadership on the outcomes of your investigations. This role focuses on:

  • Developing tooling and capabilities to scale forensic investigations across cloud, enterprise, and endpoint environments
  • Researching and remaining current on various attacker methodologies
  • Performing forensics remotely and in cloud environments
  • While possible, this role is not focused traditional dead-box forensics. To be successful in this role, it requires broad technical capabilities across multiple disciplines supporting incident response ranging from the ability to build and automate tooling, analyzing custom logs, understanding multiple OSs, mobile and integrating technical incident response into a multi-cloud environment
  • Strong technical acumen is necessary along with critical thinking and the ability to convey highly technical evidence and data-driven conclusions to senior leaders.

Responsibilities include, but are not limited to:
•    You will independently lead technical investigations and perform digital forensics in a broad range of environments to include the cloud
•    Help identify and develop ways to improve the team's production and efficiency by accelerating on our existing tools and processes
•    Develop tools and infrastructure to scale digital forensics/incident response across cloud environments
•    Actively participate in DFIR exercises 
•    Perform root cause analysis 
•    Assist with the mentoring, training, and development of junior staff
•    Compose official forensic documentation (analysis reports, inventories, and timelines) for significant events
•    While this is an individual contributor role, Senior Digital Forensics Specialists are assigned managerial tasks to act as the proxy for the control owner when that individual is not available (to include meetings with leadership, compliance, audit, and other stakeholders and partners).
Requirements
•    3+ years of experience leading technical investigations
•    Deep understanding of attacker methodologies
•    Hands on experience with forensics and investigating intrusions in AWS, GCP, and Azure and other cloud environments
•    Expert knowledge system internals knowledge of Windows, MacOS, and Linux
•    Experience with virtualization (e.g. VMware)
•    Efficient report writing skills for varied audiences including both management and technical.

Certification in EnCase (EnCE) or an equivalent forensic certification is required within the first year of employment. 

This role is for Mountain / Pacific time zone support

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-21067444

Band: H4

Manages People: No

Travel: Yes, 5% of the time

Manager:

Talent Acquisition Contact:

Adam Waller

Referral Bonus:

0

Colorado job seekers

Colorado pay range:

$129,000 - $150,700 annualized salary, offers to be negotiated based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.