UTC Digital Forensic Services is responsible for establishing a chain of custody for evidence, conducting necessary computer forensics, including bit stream backups of suspect media and hard drive analysis. Investigations may include embezzlement, intellectual property theft, harassment, fraud, business ethics violations, and company policy violations. Forensic Services also, on occasion, provides technical support Legal, Ethics and Compliance and Human Resources in conducting internal investigations.
- Independently leading digitalinvestigations, preserving evidence for potential legal action and working with customers explaining the digital evidence.
- Ability to perform detailed forensic analysis on computers, phones, other digital media.
- Interface with business function owners, legal, human resources, technical personnel and others.
- Provide evidentiary insight to customers and produce digitalsecurityinvestigation briefings; including written communication through the creation of both technical and non-technical reports adhering to standard operating procedures and quality assurance.
- Proven ability to: analyze, troubleshoot and solve complex problems;
- Work in a team environment; handle several projects at a given time; prepare and maintain records and training materials; move or facilitate the transfer of analyzed data to other platforms or domains; maintain the confidentiality and security of records and information with discretion; secure the cooperation of others in difficult work situations; develop and follow standard work; clearly and concisely communicate technical results to senior management and non-technical functions; and establish and maintain effective working relationships with peers and all levels of management.
- Collaborative mindset; able to share information, provide feedback, solve problems together, and maintain an inclusive environment — all under the pressure of deadlines, change, and complexity. Effective communication is key.
- Knowledge of U.S. discovery, Data Privacy compliance, and the EU General Data Protection Regulation (GDPR)
- Proficiency with tools such as EnCase eDiscovery / Investigator or QRadar
- Familiarity with Microsoft PowerShell, Python, and/or SQL
- Understanding of data networking and computer hardware
Baccalaureate or advanced degree from an accredited college or university in Criminalistics/Forensic Science, Information Assurance, Management, Computer Science, Math, or MIS desired; Master Degree a plus.
- The ideal candidate will have minimum 8 years direct experience working in digitalforensics, incident response, information security, or law enforcement with excellent interpersonal and analytical skills as well as a high level of motivation.
- Knowledge of the principles, methods, materials, equipment, and techniques used in forensic science; the rules of civil procedures concerning time limits, discovery, evidence and expert witnesses; supervisory principles and techniques; and familiarity with law enforcement policies, procedures, rules, regulations and laboratory functions.
- Research experience and ability to bring best practices and technical controls to remediate gaps or deficiencies, and put forth recommendations to address needs.
- Skill in and a strong understanding of: the use of a variety of forensic tools (Access Data, FTK, Guidance EnCase; including mobility (Axiom/BlackBag Mobilyze/Cellebrite/Paraben) and in demonstrating to others.