This position provides digital forensic and cybersecurity investigation services, including incident response, malware analysis, and evidence handling, to clients facing data security breaches and related matters, within a consulting firm specializing in economic and management advisory services.
Key Responsibilities
Execute security and privacy investigations, including breach detection, threat analysis, incident response, and malware analysis.
Provide digital forensic support for data security incidents such as data breaches or fraud.
Draft forensic reports and affidavits, and testify as an expert witness in digital forensics and incident response.
Conduct forensic analysis of digital information using evidence handling techniques and forensic tools.
Identify, research, and organize data to facilitate effective analysis of threat intelligence, logs, and contextual clues.
Acquire digital evidence from hosts and analyze for signs of compromise, impact, and adversary activity.
Detect and hunt malware, including unknown and custom variants, across enterprise environments.
Create Indicators of Compromise (IOCs) to enhance incident response and threat intelligence.
Track adversary activity through timeline analysis, memory forensics, and network traffic examination.
Assess cybersecurity controls and provide technical guidance based on cybersecurity frameworks.
Requirements
Candidates must have 3-5 years of experience in digital forensics, cybersecurity, or related fields.
Candidates must have majored in Computer Science, Digital Forensics, Information Security, and/or Information Systems.
Knowledge of cybersecurity concepts is required.
Experience with conducting digital forensic analysis using commercial and open source forensic tools, including file system forensics, memory analysis, and network analysis, is required.
Experience with conducting static and dynamic malware analysis in a lab environment and threat hunting in a live environment is required.
Strong understanding of proper evidence handling procedures and chain of custody is required.
Experience with drafting technical and investigative reports and communicating technical findings is required.
Experience with using automation tools and scripts to expedite analysis is required.
Understanding of incident handling procedures, including preparation, identification, containment, eradication, and recovery, is required.
Knowledge of common attack techniques used by adversaries on networks, and of how knowledge of those techniques can be used to stop further adversary activity, is required.
Digital forensics and incident response training and certifications such as SANS GIAC GCFA, GCFE, GNFA, GIME, IACIS CFCE or CIFR, Magnet MCFE, X-Ways X-PERT, or similar are required.
Ability to conduct detailed forensic investigations and analysis of computers, networks, mobile devices, and removable media is required.
Experience with analyzing traffic using common network protocols to identify patterns of activity or specific actions warranting further investigation is required.
Ability to forensically acquire data and images from identified hosts and locate evidence of compromise through disk, file, memory, and log analysis is required.
Ability to identify artifact and evidence locations to answer critical questions about an adversary's program execution, file access, data theft, anti-forensics, and system usage is required.
Ability to detect and hunt unknown live, dormant, and custom malware across multiple hosts in an enterprise environment is required.
Experience with creating Indicators of Compromise (IOCs) from analysis to strengthen incident response and threat intelligence efforts is required.
Ability to track adversary activity second-by-second on a host via in-depth timeline analysis is required.
Understanding of the evidence needed to determine the type of malware used in an attack, including rootkits, backdoors, and Trojan horses, is required.
Ability to identify lateral movement and pivots within client enterprises, showing how an adversary transitions from system to system without detection, is required.
Experience with using physical memory analysis tools to determine an adversary's activities on a host and across the network is required.
Experience in providing technical assessment, audit, and guidance to clients on the adequacy of cybersecurity controls in accordance with frameworks and standards such as NIST CSF 2.0, HIPAA, ISO/IEC 27001 and 27002, SOC 2, or NERC CIP is required.
Ability to participate in practice-building activities including recruiting and training is required.
Candidates must have a strong understanding of computer operating systems, software, and hardware.
Experience with collegiate computer security competitions is preferred.
Benefits & Perks
Salary range of $100,000 - $126,500 with potential for bonus incentive compensation
Work location flexibility, with 3 to 4 days per week in the office
Comprehensive benefits package including medical, dental, and vision insurance
401(k) retirement plan with employer match
Life and disability insurance
Paid time off including vacation, sick leave, holidays, and paid parental leave
Wellness programs and employee assistance resources
In-house immigration support for foreign nationals and international travelers
Skills development programs with 100 hours of annual training
Leadership and collaboration opportunities through internal activities
Ready to Apply?
Join Charles River Associates and make an impact in digital forensics and cybersecurity investigations