Sr. Staff - Forensics Analyst (Digital Network Investigations)

Charles Schwab

Phoenix, AZ

Industry: Accounting, Finance & Insurance


5 - 7 years

Posted 36 days ago

Our Opportunity:

Our Forensics team is looking for a Senior Analyst to support our expanding mission. This position requires someone who can lead and conduct digital investigations and compose thorough reporting. Additionally, an ideal candidate should have a robust understanding of the threat landscape, be a support element for incident response, and conduct open source research.

What you’ll do:

  • Computer network investigations and diagnostics of computer networks, network analysis, network threats and risks, incident response, and database research.
  • Collaborate with SOC and Threat Intelligence teams to continuously improve our detection and response capabilities.
  • Demonstrates expert understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures.
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
  • Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. NetFlow, Full Packet Capture), and other attack artifacts in support of incidents and investigations.
  • Experience and proficiency with any of the following: Anti-Virus, HIPS, IDS/IPS, Full Packet Capture, Host-Based Forensics, Network Forensics.
  • Develop and ensure capabilities of forensic tools and infrastructure are optimized.
  • Experience with malware analysis concepts and methods.
  • Familiarity or experience with Volatility, EnCase Forensic software, and other analysis tools.
  • Familiarity with MITRE ATT&CK framework.
  • Knowledge of Virtualization and Cloud security.
  • Knowledge of Linux, UNIX, Windows (including Active Directory) and other operating systems.

What you have:

  • 6+ years' working experience with digital forensics investigations.
  • 6+ years' experience with computer network exploitation, construction, and diagnostics of computer networks, network analysis, network threats and risks, incident response, and database research.
  • Expertise in networking fundamentals (TCP/IP, Network Layers, etc.).
  • Automation experience is desirable.
  • Experience defining and supporting complete eDiscovery processes ensuring repeatability and defensibility of collections and processes.
  • Advanced understanding of computer hardware and operating systems.
  • Experience in Security Operations.
  • Ability to organize and effectively present technical information to a non-technical audience, including the results of analysis or status of a project.
  • Basic knowledge of audit requirements (PCI, HIPAA, SOX, etc.).
  • Basic programming skills in various disciplines including scripting languages.
  • GCIA certification is preferred.