Consulting Associate Cybersecurity Incident Response Forensic Services practice
Charles River Associates, Boston, Massachusetts
Full Time
Posted March 21, 2025
$105k - $115k
Job Description
The position involves providing digital forensic and cybersecurity incident response services, including investigating data breaches, malware analysis, and threat hunting, while supporting clients with technical assessments, report drafting, and expert testimony in a consulting environment.
Key Responsibilities
- Execute security and privacy investigations, including breach detection, threat analysis, incident response, and malware analysis
- Provide digital forensic support for data security incidents such as data breaches and fraud
- Draft forensic reports and affidavits, and testify as an expert in digital forensics and incident response
- Perform forensic analysis of digital information using evidence handling techniques and forensic tools
- Identify, research, and organize data to facilitate effective analysis of threat intelligence, logs, and contextual clues
- Acquire and analyze data and evidence from hosts to determine impact and uncover evidence of compromise
- Detect and hunt malware, including unknown and custom variants, across enterprise environments
- Create Indicators of Compromise (IOCs) to enhance incident response and threat intelligence
- Track adversary activity and lateral movement within client networks through timeline and network analysis
- Analyze memory, network traffic, and system artifacts to identify malicious activity and command and control channels
- Assess cybersecurity controls and provide technical guidance based on cybersecurity frameworks
- Participate in practice-building activities such as recruiting and training team members
Requirements
- Candidates must have 3-5 years of experience in digital forensics, cybersecurity, or information security.
- Candidates must have majored in Computer Science, Digital Forensics, Information Security, and/or Information Systems.
- Candidates must have knowledge of cybersecurity concepts, research experience, and quantitative ability.
- Candidates must possess exceptional written and oral communication skills.
- Candidates must demonstrate a high level of initiative.
- Candidates must be able to use data to solve client problems and work collaboratively with a team.
- Candidates must be able to effectively manage their time, prioritize tasks, and take pride and ownership in their work.
- Candidates must have experience executing security and privacy investigations, including ongoing breach detection, threat analysis, incident response, and malware analysis.
- Candidates must have experience providing expert digital forensic support for data security incidents such as data breaches or fraud.
- Candidates must have experience assisting in the drafting of forensic reports, affidavits, and testifying as an expert in digital forensics and incident response.
- Candidates must have experience engaging in problem-solving and forensic analysis of digital information using standard evidence handling techniques and computer forensics tools.
- Candidates must be able to identify, research, and organize information to assess the appropriateness and sufficiency of available data for effective data access and analysis.
- Candidates must develop familiarity with data inputs such as threat intelligence, logging data, and contextual clues.
- Candidates must recognize relationships among multiple sources and types of information to facilitate effective data analysis.
- Candidates must have programming, model building, and database administration skills in Python, T-SQL, VBA, Excel, C, among others.
- Candidates must ensure the reliability of analysis and risk management through implementing quality control measures and documentation.
- Candidates must forensically acquire data and images from identified hosts and locate evidence of compromise through disk, file, memory, and log analysis.
- Candidates must identify artifact and evidence locations to answer critical questions related to execution, file access, data theft, anti-forensics, and detailed system usage by an adversary.
- Candidates must detect and hunt unknown live, dormant, and custom malware across multiple hosts in an enterprise environment.
- Candidates must create Indicators of Compromise (IOCs) from analysis to strengthen incident response and threat intelligence efforts.
- Candidates must track adversary activity second-by-second on a host via in-depth timeline analysis.
- Candidates must understand the evidence needed to determine the type of malware used in an attack, including rootkits, backdoors, and Trojan horses, and select appropriate defenses and response tactics.
- Candidates must identify lateral movement and pivots within client enterprises, showing how an adversary transitions from system to system without detection.
- Candidates must use physical memory analysis tools to determine adversary activities on hosts and across the network.
- Candidates must examine traffic using common network protocols to identify patterns of activity or specific actions warranting further investigation.
- Candidates must identify and track malware beaconing outbound to its command and control (C2) channel via memory forensics, registry analysis, and network connections.
- Candidates must provide technical assessment, audit, and guidance to clients on the adequacy of cybersecurity controls in accordance with frameworks such as NIST CSF 2.0, HIPAA, ISO 27001 and 27002, SOC2, and NERC-CIP.
- Candidates must have a strong understanding of computer operating systems, software, and hardware.
- Candidates must have experience conducting detailed forensic investigations and analysis of computers, networks, mobile devices, and removable media using commercial and open-source forensic tools, including file system forensics, memory analysis, and network analysis.
- Candidates must have experience conducting static and dynamic malware analysis in a lab environment and threat hunting in a live environment.
- Candidates must have experience in collegiate computer security competitions.
- Candidates must have a strong understanding of proper evidence handling procedures and chain of custody.
- Candidates must have experience drafting technical and investigative reports and communicating technical findings.
- Candidates must have experience utilizing automation tools and scripts to expedite analysis.
- Candidates must understand incident handling procedures including preparation, identification, containment, eradication, and recovery.
- Candidates must have knowledge of common attack techniques used by adversaries and how to leverage those techniques to stop further activity.
- Candidates must have digital forensics incident response training and certifications such as SANS GIAC GCFA, GCFE, GNFA, GIME, IACIS CFCE or CIFR, Magnet MCFE, X-ways X-Pert, or similar.
Benefits & Perks
Compensation/salary range: $105,000 - $115,000 (base salary), with potential for benefits and bonus
Work schedule: 3 to 4 days per week in the office, with additional remote work options during certain times of the year
Work environment perks: Work location flexibility, inclusive and collaborative environment, opportunities for career growth and mentorship
Additional benefits: Robust skills development programs with 100 hours of annual training, comprehensive total rewards package, wellness programming supporting physical, mental, emotional, and financial well-being, in-house immigration support for foreign nationals and international travelers