Cyber Security Forensic Consultant
Company: RiskView Inc.
Job Type: Permanent
Industry: IT Consulting
Location: Downtown Toronto
Position: Senior Manager/ Manager
Job Description: The Cyber Security Forensic Analyst investigates all suspected instances of waste, fraud and abuse; data spills; and network penetrations of the customer’s information systems. The investigator uses a variety of forensics and intrusion detection tools to conduct forensic examination activities including assisting in the analysis of various types of network, computer and technology devices which may contain digital evidence. The successful candidate investigates and eradicates computer viruses and malicious code. The selected candidate will need a basic understanding of Malware processes and provide computer incident and violation response support and cyber security awareness and training, and will participate in technical meetings and working groups to address issues related to computer security, protection against malware, and other vulnerabilities. The selected candidate will also investigate alerts identified by various security appliances and review audit logs to determine if an incident has occurred. The candidate will use best practices to document and preserve digital evidence for legal proceedings.
Required Skills and Knowledge: All applicants must have a clear security clearance and police background check. Minimum 7 – 10 years of technical experience working in a client/server environment. The applicant should have knowledge in the proper use of computer forensics and security compliance tools, and experience conducting network based incident investigations. The applicant should have experience with Guidance Software toolsets to include EnCase Forensics and EnCase Enterprise, and have demonstrated understanding of client/server architecture and TCP/IP protocols. The applicant should have knowledge of modern Windows Server platforms and desktop operating systems. Applicants should have experience eradicating computer viruses and malicious code and finding retrieving, analyzing, preserving, and maintaining digital information from computers and network equipment. The applicant should have experience maintaining “chain of custody” by following standard rules of digital evidence. The candidate should have an in-depth working knowledge in IC intelligence regulations, be familiar with intelligence oversight principles, must possess superior writing and briefing skills, and be capable of providing polished analysis documentation.
BA/BS in Engineering, Computer Science or related science field preferred. A minimum of 7 years’ experience in computer science, software engineering, information security fundamentals or general IT.
Experience with reverse engineering tools such as IDA Pro, OllyDbg, and other similar toolsets. Have an understanding of how various attacks work at the memory and register level. Experience with UNIX/Linux operating systems and various programming and scripting languages are desired. Experience utilizing Microsoft SQL server, BindView and ArcSight would be beneficial. Proficiency using MS-Office tool suite is desired, as is knowledge of all Microsoft Office Suite applications and uses. Prior experience with network intrusion is desired. Experience authoring and executing plans and programs at the headquarters or agency level is beneficial. Have proficiency in assembler languages, Strong shell, C, C++, and/or Java programming skills.