Senior Digital Forensics and Incident Responder

About The Position

Requirements

• Bachelor's degree or six or more years of work experience
• Six or more years of relevant experience required, demonstrated through work experience and/or military experience with a focus on DFIR and cloud security analysis and incident response (AWS, GCP, Azure, OCI).
• Experience working in cybersecurity, with a focus on Digital Forensics, Incident Response, Threat Hunting and/or Cloud Security (AWS, GCP, Azure, OCI).
• Ability to pass and/or obtain all necessary security clearances.

Nice To Haves

• Strong understanding of cloud security frameworks and best practices.
• Proficient in cloud computing concepts, including IaaS, PaaS, SaaS.
• Comprehensive knowledge with programming or scripting languages relevant to cloud security automation and orchestration.
• Fundamental understanding of cyber based adversarial frameworks including MITRE ATT&CK and Lockheed Martin’s Cyber Kill Chain.
• Proficient knowledge of the cyber threat landscape including types of adversaries, campaigns, and the motivations that drive them.
• Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
• Python and/or Powershell experience to enhance automations, ad-hoc forensic analysis, and speed-up response times.
• Previous experience with log aggregation platforms such as Splunk, Elastic, Snowflake, LogRhythm, Google SecOps, etc.
• Proficient in understanding Operating Systems and their architectures: Windows, Unix/Linux, and MacOS.
• Demonstrated leadership and mentoring skills to help advance the overall capabilities of the TMC organization.
• Ability to work in a highly collaborative environment needing strong communication, presentation, and leadership-like skills.
• Exhibits initiative, follow-up and follow through with commitments.
• Advanced degree(s) from an accredited institution of higher education in cybersecurity, security management, information system security, network security and/or digital forensics.
• Certifications like: Network+, Security+, CISSP, EnCE, CFCE, C|EH, C|HFI, GCFA, GCFE, GCIH and/or cloud-specific security certifications (e.g. AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Cloud Certified Professional Cloud Security Engineer)

Responsibilities

• Utilizing advanced digital forensic and incident response techniques and tools to detect, analyze, and respond to anomalous activities.
• Driving the technical oversight and guidance required to support cloud environment (i.e. AWS, Azure, GCP) day-to-day operations.
• Operating as a trusted advisor on advanced threat analysis for team and stakeholders.
• Leveraging security tools and logs in order to complete a detailed and accurate assessment of security alerts and threats affecting the Verizon enterprise and cloud infrastructure.
• Developing security controls for multiple cloud platforms via automated capabilities by using advanced analysis and forensic techniques.
• Driving identification, analysis, and remediation activities to ensure compliance with relevant regulatory requirements, industry standards, and best practices related to cloud security and data privacy.
• Developing and executing specialized incident response procedures to detect, contain, and recover from security incidents targeting AI/ML models, training data, or model-serving infrastructure.
• Providing assistance and analytical evaluations for high-priority and significant security incidents, including composing extensive and comprehensive analysis summaries and facilitating incident-related discussions.
• Conducting risk assessments, in-depth analysis, and forensic investigations to determine the root cause and impact of incidents.
• Identifying gaps in detections and collaborating with teams across Cyber Security to mitigate threats and improving the overall TMC cloud security posture.
• Serving as a subject matter expert on emerging enterprise, cloud and AI/ML-related threats and collaborating with cross-functional teams to establish security best practices.
• Recommending ways to mature and advance the preventive and defensive capabilities of the TMC. This includes leveraging internal data, threat trends, and operational metrics to clearly communicate the use case for alert creation.
• Collaborating with cross-functional teams to design and implement cloud governance guidelines, safeguarding sensitive data, and ensuring adherence to industry standards and regulatory requirements.
• Enhancing techniques, workflows and processes of cloud security controls, compliance assessments, and incident response procedures to drive the TMC operational and strategic growth (continuous improvement).
• Assisting with producing executive-level operational read-outs, metrics, and case reviews for management that accurately capture the effectiveness of TMC.
• Mentoring and coaching TMC analysts to build and maintain skills and techniques needed to produce quality and consistency analysis.

Benefits

• health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance
• matched 401(k) savings plan
• up to 8 company paid holidays per year and up to 6 personal days per year
• paid parental leave
• adoption assistance and tuition assistance
• incentive based position with the potential to earn more
• Newly hired employees receive up to 15 days of vacation per year, which grows with additional service