The position involves providing digital forensic and cybersecurity incident response services, including investigating data breaches, malware analysis, threat hunting, and preparing forensic reports, to support clients in managing cyber threats and ensuring data security.
Key Responsibilities
Execute security and privacy investigations, including breach detection, threat analysis, incident response, and malware analysis.
Provide digital forensic support for data security incidents such as data breaches or fraud.
Draft forensic reports and affidavits, and testify as an expert in digital forensics and incident response.
Conduct forensic analysis of digital information using evidence handling techniques and forensic tools.
Create tactical and strategic threat intelligence reports on threat groups, methodologies, and motivations.
Collect and analyze relevant intelligence to support incident response, threat hunting, and threat intelligence teams.
Perform technical analysis on malicious artifacts, executables, documents, and network traffic.
Identify, research, and organize data to assess its sufficiency for analysis and evidence gathering.
Acquire forensic data and images from hosts, locate evidence of compromise, and determine impact through disk, memory, and log analysis.
Detect and hunt malware, including creating Indicators of Compromise (IOCs) and tracking adversary activity.
Analyze memory and network traffic to identify malware activity, lateral movement, and command and control channels.
Assess cybersecurity controls and provide technical guidance based on cybersecurity frameworks.
Participate in practice-building activities such as recruiting and training forensic professionals.
Requirements
Candidates must have 3-5 years of experience in cyber intrusion investigation or incident response analysis.
Candidates must have a strong understanding of computer operating systems, software, and hardware.
Candidates must have the ability to conduct detailed forensic investigations and analysis of computers, networks, mobile devices, and removable media.
Candidates must have experience with conducting digital forensic analysis using commercial and open-source forensic tools, including file system forensics, memory analysis, and network analysis.
Candidates must have experience with conducting static and dynamic malware analysis in a lab environment and threat hunting in a live environment.
Candidates must have experience in collegiate computer security competitions.
Candidates must have a strong understanding of proper evidence handling procedures and chain of custody.
Candidates must have experience with drafting technical and investigative reports and communicating technical findings.
Candidates must have experience with utilizing automation tools and scripts to expedite analysis.
Candidates must understand incident handling procedures including preparation, identification, containment, eradication, and recovery.
Candidates must have an understanding of common attack techniques used by adversaries on victim networks and how to leverage those techniques to stop further activity.
Candidates must have experience with vulnerability management, penetration testing, scripting, programming, reverse engineering, and similar job experiences.
Candidates must have exposure to malware families used by espionage or criminal campaigns, such as PlugX and Poison Ivy.
Candidates must be proficient with Threat Intelligence Platforms and analyst software tools such as MISP and Maltego.
Candidates must have digital forensics and incident response training and certifications, including SANS GIAC GCFA, GCFE, GNFA, GIME, IACIS CFCE or CIFR, Magnet MCFE, X-Ways X-PERT, or similar certifications.
Benefits & Perks
Salary range of CAD 120,000 - 140,000 with potential bonus incentive compensation
Work location flexibility with at least 3 to 4 days in the office and options for remote work
Comprehensive benefits package including extended medical, dental, and vision insurance
Employer contributions to retirement plans such as ERP and TFSP RESP
Life and disability insurance
Paid time off including vacation, sick leave, holidays, and paid parental leave
Wellness programs and employee assistance resources
Commuter benefits
Skills development programs with 100 hours of annual training
Career growth opportunities through internal development activities
Ready to Apply?
Join Charles River Associates and make an impact in renewable energy