The Tier II Cyber Investigator will be responsible for the coordination and investigation of mid- to high-level Information and Network Security incidents.
The role will require a balance of technical (programming / Network) and non-technical (analysis / investigative) skills.
The role requires a seasoned professional who is capable of integrating both subject matter and industry expertise to conduct cyber investigations.
The role applies in-depth disciplinary knowledge to contribute to the development of new techniques and the improvement of processes and workflow for the area.
It requires an in-depth understanding of how cyber investigations are coordinated across areas. Strong communication and diplomacy skills are required.
The ability to evaluate moderately complex and variable issues with substantial potential impact, where development of an approach / taking of an action involves weighing various alternatives and balancing potentially conflicting situations using multiple sources of information.
Requires good analytical skills in order to filter, prioritize and validate potentially complex and dynamic material from multiple sources.
Collect, investigate and report on Information and Network Security Incidents
Prepare timely, detailed, accurate and factual Investigation Reports supported by evidence collected as a result of the investigation
Perform data extraction and analysis using self-developed scripts, programs, and analytic tools
Collect and document forensic artifacts to support the investigative effort.
Work with internal SMEs and vendors to define signatures and processes for detecting the malware.
Actively engage with the Cyber Investigation Managers and Security Incident Management Team leads (SIM) to ensure they are kept apprised of any significant changes during the progress of an investigation
Actively engage in liaison activities with Law Enforcement, Industry Associations, peer institutions, and information sharing communities.
Report the investigative activities into the official support systems in a timely manner.
Bachelor’s degree or engineer
2+ years of experience in eDiscovery matters / projects.
2+ years of experience with scripting or programming languages including but not limited to Visual Basic .Net, MySQL, C, C++, Perl, Python, Ruby and / or SQL Oracle Database development.
Experience using various software tools including Relativity (kCura), Clearwell (Symantec / Veritas), Axcelerate (Recommind), Viewpoint (Xerox), Xera (iCONNECT), Equivio (Microsoft), Brainspace (Brainspace), PSS Atlas (IBM), eCapture / Allegro / Eclipse (iPro), LAW Prediscovery and ECA (LexisNexis), EnCase eDiscovery / eDiscovery Review (Guidance), Exterro, Autonomy (HP), Kazeon (EMC), etc.
Advanced English is a must; professional level is desirable.
Basic knowledge of computer forensics.
eDiscovery application certifications preferred, e.g. Concordance, LAW, Relativity, Nuix, EnCase, etc. Highly desirable.
Demonstrated high-level proficiency in Nuix and Relativity eDiscovery / document review platforms. Highly desirable.
Experience with all listed tools is not a requirement, but a broad base of experience across various tools is desired.
Excel proficiency, a plus.
Strong analytical and communication (verbal and written) skills.
Well versed in analysis methods and techniques for management of projects containing ESI.
Excellent organization skills and ability to self-manage.
Ability to work a flexible schedule and extra hours as needed.
Maintain a high performance level on repetitive tasks.
High attention to detail and accuracy of work.
Willingness to travel both domestically and internationally.
Work well in a team environment as well as independently.
Work well under pressure and time-critical situations.