• Perform highly sensitive and confidential investigations, including digital forensic analysis, involving internal risks such as employee misconduct, intellectual property theft, embezzlement, misuse, harassment, and physical security threats.
• Lead proactive efforts to identify, disrupt, and protect against any internal threats that may undermine the integrity and operations of the business.
• Conduct forensic analysis of physical devices and other electronic data sources in support of internal investigations and other legal requests using forensically sound processes.
• Provide subject matter guidance and work collaboratively with incident response and other cyber security teams in the event of a cross-functional investigation.
• Drive continuous improvement across the cyber investigations group and its processes.
• Utilize a range of data sources, systems, and tools to collect, search, recover, sort, and organize large volumes of digital evidence during all phases of the investigative process.
• Collect and preserve electronically stored evidence and digital media using repeatable and defensible procedures, ensuring chain of custody throughout the evidence lifecycle.
• Deliver clear and meaningful results and associated reporting to requestors of various levels across the organization.
• Maintain awareness of new forensic technology, techniques, and industry best practices.
• Utilize data analysis and data visualization tools to identify risks to sensitive information and support cyber enabled investigations.
• Assist team leadership with the development, collection, and publication of metrics that illustrate team performance and highlight obstacles thwarting team potential.
• Be proactive and think outside the box, looking for threats and opportunities before they occur.
• Fundamental background in Information Security and Data Loss Prevention methodologies.
• Bachelor of Science in a STEM-related field such as Computer Science, Information Assurance, Information Systems, Software Engineering or Criminal Justice.
• Minimum of 5 years’ experience in computer forensics, investigations, or similar information security discipline leading digital investigations following legally sound practices (including chain of custody).
• Expertise with workstations, servers, networking appliances, mobile devices and SaaS platforms.
• Experience defending against insider data exfiltration and modification, including UEBA and DLP.
• Experience designing and implementing technical and administrative controls to prevent, detect, and respond to insider threats across both cyber and physical security domains.
• Experience with insider threat analysis, mitigation and program design.
• Demonstrated ability to design, develop, review and finalize insider threat workflows, policies, procedures, guidelines, and training.
• Thorough understanding of a SOC or similar environment methodology, including threat monitoring, intrusion detection, analysis, threat determination, incident handling and remediation tracking.
• Experience interpreting data from network security tools and infrastructure technologies such as SIEM, firewall, proxies, IPS/IDS devices, full packet capture, and email platforms.
• Working knowledge and proven experience with current digital forensic best practices and methodologies.
• Demonstrated expertise in both working in and handling extremely confidential investigations.
• Experience with forensic technologies such as EnCase.
• Experience with emerging cloud technology services and their effect on digital investigations.
• Good understanding of possible methods of internal and external data movement.
• EnCase Certified Examiner – EnCE
• GIAC Certified Forensic Analyst – GCFA
• GIAC Certified Forensic Examiner – GCFE
• Certified Forensic Computer Examiner – CFCE
• Certified Information Systems Security Professional – CISSP
Duration: 14 months
Location: Ann Arbor, Michigan
Submit resume to jobs@OSIengineering.com