Sr Forensics Analyst
1375 Broadway New York City, NY 10018 US
Job Description
Our client, a computer security service firm, is seeking a Sr Forensics Analyst to join their team!
Responsibilities:
- Lead or participate as a team member in responding to and resolving security incidents for clients.
- Perform forensic analysis on hosts, networks, and logs, as well as triage malware, to support incident investigations.
- Utilize incident response (IR) technologies to conduct thorough investigations across large-scale environments, analyzing evidence from endpoints and networks.
- Identify and document attacker tactics, techniques, and procedures (TTPs) as indicators of compromise (IOCs) for current and future investigations.
- Develop scripts, tools, or methodologies to streamline incident investigation procedures.
- Collaborate with clients' security and IT teams to implement remediation plans following security incidents.
- Create detailed remediation guides and tracking documents for clients to prepare for and execute coordinated remediation efforts.
- Assist clients in enhancing network architecture and making configuration adjustments to better defend against known threats and attacker methods.
- Provide recommendations and document specific countermeasures and mitigation strategies.
- Present the company's capabilities in marketing discussions, proposal efforts, and capability briefings.
- Produce comprehensive and understandable reports and presentations tailored for technical and executive audiences.
- Communicate remediation strategies and action plans effectively to client stakeholders, including technical teams, senior management, and legal advisors.
Qualification Requirements:
- Possess a Bachelor's degree in a technical field with a minimum GPA of 3.0.
- Have 2-5 years of experience in information security.
- Demonstrate technical proficiency in at least five of the following areas:
  - Previous experience as a lead system administrator or network engineer within an enterprise setting.
  - Comprehensive knowledge of enterprise security controls within Active Directory/Windows environments.
  - Understanding of Active Directory Trusts and Architectures.
  - Proficiency in Windows and Unix endpoint hardening and implementation of security controls.
  - Expertise in enforcing application whitelisting and host-based restrictions.
  - Experience in implementing and enforcing technologies such as Credential Guard and Device Guard.
  - Familiarity with enterprise networking and proficiency in network segmentation strategies.
  - Experience in configuring and managing both network and host-based firewall setups.
  - Proficiency in implementing logging configurations for network devices and Windows endpoints.
  - Skills in PowerShell scripting.
- Must have eligibility to work in the US without requiring sponsorship.
- Possession of a Security Clearance is advantageous.
Meet Your Recruiter
Kenny Pilanski
Regional Director
Kenny is a graduate of Quinnipiac University, where he received his degree in Industrial Organizational Psychology. He has been with TPG since November 2015; he initially got into recruiting through a friend from college and never looked back. When he is not in the office, you can find him fishing, golfing, or hanging out with his girlfriend and dog, Foxy.