CRA’s Forensic Services practice supports companies’ commitment to integrity by assisting them and their counsel in independently responding to allegations of fraud, waste, abuse, misconduct, and non-compliance. We are noted for deploying cross-trained teams of forensic professionals to assist our clients in gaining deeper insights and greater value more quickly. We provide accounting and forensic services as well as cybercrime investigation services.
The opportunities to contribute to the team in this role may include (but are not limited to):
- Execute security and privacy investigations for CRA clients, in preparation for, and in response to, data security matters, which may include ongoing breach detection, threat analysis, incident response and malware analysis.
- Hunt and respond to advanced adversaries such as nation-state actors, organized crime, and hacktivists.
- Extract files from network packet captures and proxy cache files, allowing follow-on malware analysis, or definitive data loss determinations.
- Recognize and understand common assembly-level patterns in malicious code, such as code injection, API hooking, and anti-analysis measures.
- Target advanced adversary anti-forensics techniques like hidden and time-stomped malware, along with utility-ware used to move in the network and maintain an adversary's presence.
- Use memory analysis, incident response, and threat hunting tools to detect hidden processes, malware, adversary command lines, rootkits, network connections, and more.
- Perform forensic analysis of digital information using standard computer forensics and evidence handling techniques and computer forensics tools.
- Improve the ability of the incident response team to react to incidents by evaluating and implementing new tools and processes.
- Contribute to the creation and maintenance of effective relationships with local, state and federal law enforcement agencies to assist in criminal matters.
- Prepare client communications for project milestones and senior leadership.
- Manage risk by implementing quality control measures and documentation.
- Participate in team recruiting and retention efforts, and manage team morale and the professional development of junior staff members.
- Provide management support to engagement teams led by senior personnel.
- Support engagement planning and management; project team execution, analysis, and work product.
- 5-10 years’ experience in cyber intrusion investigation or incident response analysis.
- Must hold a Bachelor’s or Master’s degree in a related field.
- Ability to effectively prioritize multiple projects and meet deadlines.
- Experience in a hands-on technical role functioning as an incident responder, network forensic analyst or malware analyst.
- Experience with data analytics engagements and contributing to the execution of technology-based best practices.
- Working knowledge of computer hardware components, operating systems, file systems, computer networks, e-mail systems, mobile devices, IT security or incident response.
- Knowledge of programming languages such as Python, Perl, C/C++, C#, PowerShell, BASH, and/or Batch.
- Deep knowledge of networking (TCP/IP, design, traffic flow, protocols, sessions), operating systems (Windows / *nix) and web technologies.