Digital Forensics Incident Response-Security And Privacy Risk Consulting
***This position can be located in Chicago, IL, Boston, MA and Irvine, CA.*** In order to address the most critical needs of our clients, RSM US LLP has established the Security and Privacy Risk Consulting group, comprised of more than 150 professionals dedicated exclusively to serving the cyber security needs of our clients.
This group includes experienced consultants located throughout the country dedicated to helping clients with preventing, detecting, and responding to security threats that may affect their critical systems and data. We serve a diverse client base within a variety of industries, and we are relied upon to provide expertise within areas of security testing, architecture, governance, compliance, and digital forensics. We are seeking an experienced Senior Associate Consultant who is passionate about their work and demonstrates strong problem solving abilities to join our Digital Forensics and Incident Response (DFIR) team. Our DFIR practice is made up of individuals able to contribute tangible value to our clients in the areas of digital forensics, incident response, and cyber investigations. Responsibilities will be based on background but will typically include:
- Proactively participate in and supervise projects involving the identification, collection, and analysis of computer systems and electronic data sources relevant to investigative, legal, or regulatory initiatives.
- Perform and supervise remote and onsite digital evidence collections and forensic analysis tasks through the use of industry standard hardware and software applications.
- Evaluate malicious activity on company network assets and mitigate threats using a variety of digital forensic and incident response tools, processes, and techniques.
- Facilitate communication and coordination between clients, client internal and external counsel, and law enforcement entities.
- Ability to identify cyber security risks, indicators of compromise and remediation tasks of networks and computer systems.
- Understand the technical skills required for completing digital forensic investigations within a lab environment and remote client locations.
- Follow proper evidence collection and chain of custody practices, including the completion of relevant documentation.
- Analyze network logs, application logs, computer systems, and malicious code to identify scope and timeline of system or network compromise.
- Research and test new tools, findings, and investigative methods that may be encountered during an investigation. Document and share any new information that may be useful to the team.
- Assist with the development and delivery of remediation recommendations for identified findings.
- Identify and clearly articulate (written and verbal) findings to senior management and clients, both technical and non-technical audiences.
- This position is for individuals with 2-5 years of hands-on technical digital forensic investigative or incident response experience of personal computer systems, servers, email and electronic data storage, and mobile devices, with a preference for prior consulting or professional services backgrounds.
- Bachelor’s degree in computer science or related field from an accredited college/university.
- At least one industry recognized certification is highly preferred.
- Ability to travel as needed.
- Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices.
- Strong verbal and written abilities.
- Strong multitasking and project management skills.
- One or more of the following technical certifications or similar: GIAC Certified Enterprise Defender (GCED); GIAC Certified Incident Handler (GCIH); GIAC Certified Incident Analyst (GCIA); GIAC Certified Forensic Analyst (GCFA); GIAC Reverse Engineering Malware (GREM); Certified Hacking Forensics Investigator (CHFI); Certified Ethical Hacker (CEH); Certified Computer Examiner (CCE); Certified Forensic Computer Examiner (CFCE) or equivalent vendor specific certifications (e.g. EnCase, AccessData).
- Strong skills in one of the following and familiarity/experience with the others:
- Network forensics (packet analysis, sniffers, examination of suspect ports and services, etc.) and log analysis.
- Host and network IDS/IPS platform experience (Sourcefire/snort, Cisco, TippingPoint, Tripwire, Dragon, OSSEC, McAfee HIPS, Symantec Endpoint Protection, etc.).
- Malware analysis (file, memory, behavioral) on Windows and Linux systems; experience with mobile devices would be of great benefit.
- Understanding of programming languages, assembly, and debuggers/compilers/disassemblers to analyze suspect code and bypass obfuscation.
- Malware monitoring experience (any SIEM, Mandiant Intelligent Response, NetWitness, Damballa, FireEye, etc.).
- System, file, and memory analysis tools experience (sysinternals suite, foundstone suite, hex editors, VMware, sandboxing, etc.).
- System forensics and investigations experience.
- Demonstrate a clear understanding of digital rules of evidence including acquiring forensically sound images, maintaining chain of custody, and the privacy aspects of performing investigations on employee systems.
- Forensic tool suites experience (Axiom, EnCase, Nuix, Autopsy, FTK, etc.).
You want your next step to be the right one. You've worked hard to get where you are today. And now you're ready to use your unique skills, talents and personality to achieve great things. RSM is a place where you are valued as an individual, mentored as a future leader, and recognized for your accomplishments and potential. Working directly with clients, key decision makers and business owners across various industries and geographies, you'll move quickly along the learning curve and our clients will benefit from your fresh perspective.
Experience RSM US. Experience the power of being understood.
RSM is an equal opportunity/affirmative action employer. Minorities/Females/Disabled/Veterans.
- Job ID: req3837
- Line of Business: Consulting Services
- SubFunction: RAS Security&Privacy Risk Cons
- Job Type: FullTime
- Req #: req3837
- Location: Chicago, IL US
- Region: Great Lakes Region
- Job Category: Business Consulting/Technology
- Employment Type: Experienced
- Degree Required: Bachelor
- Travel: Yes