Associate Cybersecurity Incident Response Forensic Services practice
Charles River Associates
Toronto, Ontario
Full Time
Posted January 20, 2025
Energy Consulting
Visa Sponsored
Job Description
The position involves executing security and privacy investigations, providing digital forensic support, and conducting detailed forensic analysis of computers and networks to assist clients in responding to data security incidents. Candidates should have a background in computer science or related fields, along with strong analytical and communication skills.
Key Responsibilities
- Execute security and privacy investigations for clients related to data security matters.
- Provide expert digital forensic support for data security incidents.
- Assist in drafting forensic reports and testifying as an expert in digital forensics.
- Engage in forensic analysis of digital information using evidence handling techniques.
- Identify, research, and organize information for effective data access and analysis.
- Develop familiarity with data inputs for analysis, including threat intelligence.
- Recognize relationships among multiple information sources for effective data analysis.
- Program and administer databases using languages such as Python, T-SQL, and VBA.
- Ensure reliability of analysis through quality control measures and documentation.
- Forensically acquire data and images from identified hosts.
- Identify artifact and evidence locations to answer critical forensic questions.
- Detect and analyze malware across multiple hosts in an enterprise environment.
- Create Indicators of Compromise (IOCs) to enhance incident response efforts.
- Track adversary activity on a host through timeline analysis.
- Understand evidence needed to determine malware types and appropriate defenses.
- Identify lateral movement within client enterprises by adversaries.
- Use memory analysis tools to determine adversary activities on hosts.
- Examine network traffic to identify patterns warranting further investigation.
- Identify and track malware communication to command and control channels.
- Provide technical assessments and guidance on cybersecurity controls.
- Participate in practice-building activities including recruiting and training.
Requirements
- 2-4 years of experience in Computer Science, Digital Forensics, Information Security, or Information Systems.
- Knowledge of cybersecurity concepts.
- Exceptional written and oral communication skills.
- Ability to execute security and privacy investigations for clients in preparation for, and in response to, data security matters.
- Experience providing expert digital forensic support for counsel and clients in support of data security incidents, such as data breaches or fraud.
- Experience assisting in the drafting of forensic reports and affidavits.
- Experience testifying as an expert in the field of digital forensics and incident response.
- Ability to engage in problem-solving and forensic analysis of digital information using standard evidence handling techniques and computer forensics tools.
- Experience in programming, model building, and database administration using Python, T-SQL, VBA, Excel, and C++, among others.
- Experience in forensically acquiring data and images from identified hosts.
- Ability to identify artifact and evidence locations to answer critical questions, including execution, file access, data theft, anti-forensics, and detailed system usage by an adversary.
- Experience detecting and hunting unknown live, dormant, and custom malware across multiple hosts in an enterprise environment.
- Ability to create Indicators of Compromise (IOCs) from analysis to strengthen incident response and threat intelligence efforts.
- Experience tracking adversary activity second-by-second on a host via in-depth timeline analysis.
- Understanding of the evidence needed to determine the type of malware used in an attack, including rootkits, backdoors, and Trojan horses.
- Ability to identify lateral movement and pivots within client enterprises.
- Experience using physical memory analysis tools to determine an adversary's activities on a host.
- Experience examining traffic using common network protocols to identify patterns of activity or specific actions that warrant further investigation.
- Ability to identify and track malware beaconing outbound to its command and control (C2) channel via memory forensics, registry analysis, and network connections.
- Experience providing technical assessment audit and guidance to clients on the adequacy of cybersecurity controls in accordance with cybersecurity frameworks such as NIST CSF 2.0, HIPAA, ISO 27001 and 27002, SOC2, and NERC-CIP.
- Participation in practice-building activities including recruiting and training.
Benefits & Perks
- 100 hours of training annually
- Superior benefits package
- Wellness programming to support physical, mental, emotional and financial well-being
- In-house immigration support for foreign nationals and international business travelers
- Work location flexibility with 3 to 4 days a week in the office
- Additional remote work options during certain times of the year