Title: Cyber Command Forensic Analyst Location: Brroklyn, NY Hybrid: Work location & Remote (3 days in office/2 days remote) Duration: 1 year Job Description: The resource function is essential to client's ability to defend City systems from cyber threat including direct support of life safety, and revenue generating operations. Cyber Security Threats have increased their sophistication post-covid-19. Ransomware authors are routinely targeting critical infrastructure. The Analyst will contribute to client's ability to respond to citywide cybersecurity incidents and conduct investigations. Lack of resources would result in increased likelihood of cyber events that may require costly remediation efforts. SCOPE OF SERVICES: The forensics Analyst will investigate network intrusions and other cyber incidents to determine cause, extent and consequences of the breach. TASKS:
- Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based forensic analysis.
- Research and develop new techniques, and procedures to continually improve the digital forensics process.
- Produce high quality written work product presenting complex technical issues clearly and concisely.
- Managing and maintaining the analysis labs and forensics tools leveraged for investigations.
- Ensuring data is collected and preserved within industry standard best practices and in alignment evidence integrity requirements.
- ssisting the Cyber Emergency Response Team during critical incidents
MANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will not be considered
- Minimum 4 years of experience in Threat Management/Forensics Investigations/Incident Response environment
- Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools.
DESIRABLE SKILLS/EXPERIENCE:
- Experience with a wide range of forensic tools (TZWorks, X-Ways, SIFT, AXIOM, Volatility, etc.)
- Experience with memory analysis tools (i.e. Volatility)
- Experience with Linux and open source tools
- Experience investigating intrusions on Windows and Linux/Unix operating systems
- Knowledge of gathering, accessing, and assessing evidence from computer systems and electronic devices
- Knowledge of virtual environments
- Knowledge of forensic imaging techniques
- Knowledge of Microsoft Windows operating system and Windows artifacts
- Knowledge of Linux/UNIX operating systems and artifacts
- Knowledge of MAC OS operating system and forensics artifacts
- Knowledge of file systems
- Strong analytical skills