CIRT Forensic Investigation Senior Analyst
Execute documented processes within the CIRT playbook and the security incident response lifecycle.Collect, preserve, and process volatile information and evidence for highly-confidential forensic investigations. Investigate digital evidence, including:
Storage media (hard drives, optical and flash media)
Electronic data (files, pictures, web data, device logs)
Mobile devices (phones, tablets)
Volatile media (workstation memory)
Preserve the admissibility of collected evidence and maintain the Chain of Custody, following team and industry best practices.Ensure forensic evidence and documentation are accurately recorded, secured, and tracked.Investigate low to medium complexity cases, such as:
Acceptable Use Policy / Code of Business Ethics Violations
Malware
Fraud, Intellectual Property Theft, Industrial Espionage
Cyber Attacks / Hacking / APT / Security Breaches
Follow forensic investigation and incident response procedures, policies, and guidelines.Analyze security events, investigate issues related to the technology infrastructure, and employ investigative skills to resolve assigned cases.Coordinate containment and remediation efforts until incident closure, under guidance from the Incident Response Specialist or Manager.Produce detailed reports, present forensic evidence, and communicate findings to non-technical audiences.Complete low to medium complexity, non-standard tasks in assigned areas of responsibility. #LI-PH Must Have:
Bachelor's degree in Computer Forensic or Digital Forensic or Cyber Security
Industry certification in multiple operating systems and/or network
2-3 years relevant experience if graduate of other Computer related course
Fresh graduates can be considered as long as they're a graduate of Computer Forensic or Digital Forensic or Cyber Security
Strong hardware/ software/ OS experience
Thinks out of the box and goes beyond the guidelines/playbook in order to resolve an issue/escalation
Good to Have:
One or more computer forensics and information security certifications is a plus :
Guidance Software Encase Certified Examiner
EC Council Computer Hacking Forensic Investigator
EC Council Certified Ethical Hacker
SANS GIAC Certified Incident Handler
SANS GIAC Certified Forensic Examiner
ISC2 Certified Information Systems Security Professional
ISACA Certified Information Systems Auditor
ISACA Certified Information Systems Manager
CompTIA Security+
Reverse malware, advanced security operations, advanced tech support
Digital forensic investigator
3 years vulnerability assessment and penetration testing
Job Details
Job Requisition ID: Rxxx
Location: Mandaluyong
Posting Date: 07/30/2024 - 1 month ago
Job Family: Security Delivery
Time Type: Full time
Job Type: Regular