Senior Cyber Forensics Analyst

Location: Toronto
Job Type: Full Time
September 17, 2019

Senior Cyber Forensics Analyst, Global Risk & Cyber Security Company

 

Location: Oakville, ON

Description:

The Cyber Forensic Analyst will provide front line support to clients of the Cyber Forensics practice. The analyst will be deployed in emergency situations to acquire forensic images and capture live, volatile data from compromised systems involved in cyber breach incidents. The analyst will also be responsible for the deployment of endpoint and network monitoring tools such as Fidelis Resolution1, Fidelis XPS Scout and Carbon Black. In addition, the Cyber Forensic Analyst will maintain and support the forensics lab and equipment to ensure that the DFIR practice can maintain high levels of efficiency and meet client service level expectations. More experienced candidates for this position will also be involved in conducting preliminary forensics analysis activities such as logfile analysis, filesystem analysis, file carving and data recovery, key recovery and binary/malware analysis.

Core Responsibilities:

  • Maintain high degree of Incident Response preparedness
  • Deploy to client sites during emergency situations and provide on-call support
  • Manage and maintain forensics lab and equipment to operational status
  • Provide forensics analysis support to DFIR and Cyber Threat Intelligence team

Skills:

  • Candidate must have knowledge and experience in working with computer hardware (building and configuring new hardware)
  • Candidate must have knowledge and experience with installation, configuration and updating of software on both Windows and Linux platforms
  • Candidate should have knowledge of Windows and Linux system internals (operating system architecture, processes, memory management, services, base libraries)
  • Candidate must have familiarity with incident response processes and procedures
  • Candidate must have familiarity with digital forensics processes and procedures including case management and chain of custody
  • Must have working knowledge of regular expressions
  • Intermediate level Scripting / Coding Skills (Python, Bash, PowerShell, C/C++, R, etc.)
  • Binary Analysis and Reverse Engineering skills desirable (IDA Pro, BinScope/binutils, OllyDbg)
  • Yara Scripting Skills desirable
  • Malware Analysis Experience is desirable
  • Exploit development knowledge is desirable

Technologies:

  • Cisco or Juniper Networking
  • vSphere ESXi, Hyper-V or QEMU
  • X-Ways Forensics or EnCase
  • The Sleuth Kit, SANS SIFT
  • Cuckoo Sandbox / FireEye AX / BlueCoat Malware Sandbox / RSA eCat
  • Fidelis XPS Scout, Resolution1 / Carbon Black
  • VirusTotal API / WildFire API
  • OllyDbg / Immunity Debugger / IDA Pro
  • LogRhythm, Sawmill, Splunk or ELK Stack

Education Requirements:

Bachelor Degree, Professional Certification or Equivalent Experience

Years of Experience: Minimum 8 years related experience

 

Referral Program

We value personal referrals and reward adequately every client or candidate referred to us. Contact us for more information.