Consulting Associate Cybersecurity Incident Response Forensic Services practice
Charles River AssociatesToronto, Ontario
Full Time
Posted December 18, 2025
Apply Now
Application opens on company website
Job Description
The role involves conducting digital forensic investigations, incident response, and threat analysis to support clients in cybersecurity and data security incidents, including malware analysis, evidence handling, and creating strategic intelligence products within a collaborative consulting environment.
Key Responsibilities
- Execute security and privacy investigations, including breach detection, threat analysis, incident response, and malware analysis.
- Provide digital forensic support for data security incidents such as data breaches or fraud.
- Draft forensic reports, affidavits, and testify as an expert in digital forensics and incident response.
- Perform forensic analysis of digital information using evidence handling techniques and forensic tools.
- Create tactical and strategic threat intelligence reports on threat groups, their methodologies, and motivations.
- Collect and analyze relevant intelligence to support incident response, threat hunting, and threat intelligence teams.
- Conduct technical analysis on malicious artifacts, executables, documents, and network traffic.
- Identify, research, and organize data to assess security incidents and evidence of compromise.
- Forensically acquire data and images from hosts to identify evidence of system compromise.
- Detect and hunt malware across enterprise environments, including creating Indicators of Compromise (IOCs).
- Track adversary activity through timeline analysis and memory forensics.
- Identify malware types and lateral movement within client networks to inform response tactics.
- Examine network traffic and system artifacts to identify malicious activity and command-and-control channels.
- Provide technical assessments and guidance on cybersecurity controls based on relevant frameworks.
Requirements
- Candidates must have 3-5 years of experience in cyber intrusion investigation or incident response analysis.
- Candidates must have a strong understanding of computer operating systems, software, and hardware.
- Candidates must have the ability to conduct detailed forensic investigations and analysis of computers, networks, mobile devices, and removable media.
- Candidates must have experience with conducting digital forensic analysis using commercial and open source forensic tools, including file system forensics, memory analysis, and network analysis.
- Candidates must have experience with conducting static and dynamic malware analysis in a lab environment and threat hunting in a live environment.
- Candidates must have experience in collegiate computer security competitions.
- Candidates must have a strong understanding of proper evidence handling procedures and chain of custody.
- Candidates must have experience with drafting technical and investigative reports and communicating technical findings.
- Candidates must have experience with utilizing automation tools and scripts to expedite analysis.
- Candidates must understand incident handling procedures including preparation, identification, containment, eradication, and recovery.
- Candidates must have an understanding of common attack techniques used by adversaries on victim networks and how to leverage those techniques to stop further activity.
- Candidates must have experience with vulnerability management, penetration testing, scripting, programming, reverse engineering, and similar job experiences.
- Candidates must have exposure to malware families used by espionage or criminal campaigns, such as PlugX and Poison Ivy.
- Candidates must be proficient with Threat Intelligence Platforms and analyst software tools such as MISP and Maltego.
- Candidates must have digital forensics incident response training and certifications, including SANS GIAC GCFA, GCFE, GNFA, GIME, IACIS CFCE or CIFR, Magnet MCFE, X-ways X-Pert, or similar.
- Candidates must demonstrate knowledge of cybersecurity frameworks such as NIST CSF 2.0, HIPAA, ISO 27001 and 27002, SOC2, or NERC-CIP when providing technical assessment, audit, and guidance to clients.
Benefits & Perks
Compensation/salary range (not specified)
Work schedule flexibility with at least 3 to 4 days in the office per week
Work environment perks including career growth and mentorship opportunities
Skills development programs with 100 hours of training annually
Comprehensive total rewards program including benefits package
Wellness programming supporting physical, mental, emotional, and financial well-being
In-house immigration support for foreign nationals and international business travelers
Ready to Apply?
Join Charles River Associates and make an impact in renewable energy
Stay Updated on Sustainability Jobs
Get the latest renewable energy jobs and career tips delivered to your inbox.
Job Alerts
Get notified about new sustainability jobs
More at Charles River Associates
More jobs at Charles River Associates
Manager Transfer Pricing practice
Charles River Associates
VISA
Oakland
Full Time
3d
$130k-153k
Associate Transfer Pricing practice
Charles River Associates
Oakland
Full Time
Dec 24
$87k-95k
Associate Transfer Pricing practice
Charles River Associates
VISA
Oakland
Full Time
Dec 27
$87k-95k
More jobs in Toronto, Ontario
Senior Manager, Recruiting
Samsara
Toronto
Full Time
Dec 17
$123k-169k
Software Engineer II, New Product
Samsara
Toronto
Full Time
Dec 25
$105k-135k
Technical Account Manager
Samsara
Toronto
Full Time
Dec 29
$78k-101k