Senior Investigations Analyst – Digital Forensics

Corebridge Financial•Houston, TX

15h•Hybrid

About The Position

At Corebridge Financial, we believe action is everything. That’s why every day we partner with financial professionals and institutions to make it possible for more people to take action in their financial lives, for today and tomorrow. The Information Technology organization is the technological foundation of our business and works in collaboration with our partners from across the company. The team drives technology and digital transformation, partners with business leaders to design and execute new strategies through IT and operations services and ensures the necessary IT risk management and security measures are in place and aligned with enterprise architecture standards and principles. As a Senior Investigations Analyst, you are the lead "digital detective" for the organization. You will be responsible for conducting complex, forensically sound investigations into security breaches, policy violations, and potential litigation matters. You will leverage advanced forensic suites—with a particular focus on Nuix—to parse massive datasets, recover "hidden" evidence, and build a factual narrative for legal, HR, and executive stakeholders.

Requirements

4+ years of experience in digital forensics and/or corporate investigations.
Axiom or Nuix (Highly Preferred)
Advanced experience with at least two of the following: EnCase, FTK, Autopsy or X-Ways Forensics.
Experience with Cellebrite UFED or Magnet GrayKey.
Purview
Deep understanding of file systems (NTFS, APFS, Ext4), memory forensics (Volatility), and cloud-native logging (Azure Unified Audit Log, AWS CloudTrail).
Basic ability to use Python or SQL to automate data parsing or query large investigative databases.
Nuix Workstation Forensic Practitioner, EnCE, or MCFE.
GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensic Analyst (GNFA), or Certified Fraud Examiner (CFE).
Unwavering commitment to maintaining confidentiality and impartiality during sensitive investigations.
The ability to look past the obvious and connect non-linear data points to find the "smoking gun."
Experience delivering tough findings to senior leadership in high-stress environments.

Responsibilities

Lead the collection and preservation of digital evidence (workstations, mobile, cloud, and server logs) ensuring strict adherence to forensic standards and chain-of-custody protocols.
Perform live and dead-box imaging of systems across diverse OS environments (Windows, macOS, Linux).
Utilize enterprise forensic tools to perform stealthy, remote data acquisitions without disrupting business operations.
Utilize forensic toolsets to ingest, process, and analyze multi-terabyte datasets. You will be expected to create complex search queries, perform deduplication, and identify communication patterns across disparate data sources.
Investigate system artifacts (e.g. Registry, MFT, Shellbags, LNK files) to reconstruct user activity and timeline events.
Perform file carving and unallocated space analysis to recover deleted or obscured evidence.
Conduct deep-dive analysis of PST/OST files and cloud-based mail (O365/Gmail) to identify evidence of data exfiltration or collusion.
Translate technical forensic findings into clear, "plain English" investigative reports suitable for legal proceedings or executive review.
Act as the technical liaison for Legal, HR, and Internal Audit teams to define the scope of investigations and provide status updates on high-sensitivity cases.
Refine forensic workflows and laboratory standards to ensure the team stays ahead of anti-forensic techniques.

Benefits

Medical insurance
Dental insurance
Vision insurance
Mental health support
Wellness initiatives
401(k) Plan with a generous dollar-for-dollar Company matching contribution of up to 6% of eligible pay and a Company contribution equal to 3% of eligible pay
Employee Assistance Program
Matching charitable donations up to $5,000
Volunteer Time Off (up to 16 hours annually)
Paid Time Off (at least 24 days)