Forensic Cyber Engineer
ITR
Oak Ridge, TN
Full-Time
Job Description
Forensic Engineer
Major Duties/Responsibilities:
- Conduct digital and forensics investigations, to include malware analysis, image capturing and analysis for incident response, and other investigations as necessary by request of authorized officials
- Help develop and modify tools to analyze forensic data and provide accurate information for activity review, to include remote access
- Ability to create threat hunting hypotheses, then plan and scope Threat Hunting missions
- Use Endpoint Detection and Response (EDR) tools to create new detection rules, identify threats and resolve alerts
- Collaborate with cyber security, network, data center operations, security operations center, cyber security research, and other staff to ensure appropriate configuration and implementation of security tools, both existing and emergent
- Standardize, document, maintain, and automate processes for monitoring, analyzing, responding to, and reporting of events
- Create tactical, ad hoc scripts to supplement existing tool base as needed
- Extract and correlate large data sets (Elastic)
- Must have experience with the following technologies: SIEM (Elastic), EDR (Endgame), Encase, FTK, F-Response, and other open-source forensic tools, CASB/SASE, vulnerability scanning tools, and others as needed
- Assorted peripheral security tasks
Qualifications Required:
Bachelor’s degree with a concentration in Computer Science, Cyber, or Forensics, with 2 years of experience in investigative techniques and experience in cyber or related field. Experience / certifications in digital forensics and investigations. A combination of education and experience may be considered for exceptional candidates with background in engineering, programming, and investigative techniques.
- Digital Forensics background and experience required, will be expected to succinctly discuss methodology throughout the investigative process in multiple scenarios
- Solid understanding of the MITRE ATT&CK framework
- Experience with SIEM Administration
- Working knowledge of Azure or similar technologies
- Experience with tool integration via API
- Intermediate to advanced Linux skills with a focus in cyber security
- Knowledge of end-to-end flow and understanding of networking concepts such as ports, protocols, listeners, perimeter traversal, packet analysis, etc.
- Strong interpersonal and communication skills
Qualifications Preferred:
- Master’s Degree in Computer Science, Cyber, or Forensics
- 2+ years of experience in investigative techniques
- Industry certifications such as GIAC (SANS) certifications
Address
ITR
Oak Ridge, TN
USA
Industry
Legal
Posted date
23 days ago