Senior Digital Forensic Analyst
other jobs Appcast Enterprise
Added before 2 Days
- England,South East,Hampshire
- full-time
- Competitive salary
Job Description:
Description
Senior Digital Forensic Analyst
Location:
This role can be based from home with occasional travel to UK company sites
Looking for an opportunity to make an impact?..
Role Overview:
We are looking for a Senior Digital Forensic Analyst to join the team.
This is an opportunity to join a team of highly skilled and innovative digital forensic and insider threat analysts, and the best group of individuals out there. Leidos’ Cybersecurity Intelligence and Response Team (CSIRT) has an immediate opening for a motivated Sr Digital Forensic Analyst. Leidos is an international company made up of 47,000 employees that provides Defence, Intelligence, and Health Products to our customers. Our goal is to stay ahead of, and maintain a technical advantage using the latest technical advancements, including custom built cybersecurity capabilities.
As a key part of the team, your responsibilities will include conducting forensic analysis and imaging devices locally and across the network according to industry standards and with widely accepted software. You will review digital artifacts for evidence of data exfiltration, insider threat activity, and in support of network intrusions and internal investigations. You will leverage network logs to track assets and work with internal customers to protect Leidos data and assets.
You will be expected to document your forensic process and write reports explaining technical concepts to a non-technical audience. You will work with local and international internal customers to assist them with their investigations and consult with them to determine the best course to take. In this position, you will have the ability to grow through training opportunities, conferences and collaboration with industry peers and adjacent parts of our business. You will be challenged and provided a tremendous opportunity for growth in a highly collaborative and supportive environment.
Primary Responsibilities:
*Analyse digital devices for evidence of data exfiltration, insider threat activity, and in support of internal customers
*Using industry standard practices and software/hardware, image devices locally and over the network
*Support enterprise incident response efforts
*Leverage understanding of tactics and techniques to determine the actions an actor took on their device.
*Employ advanced forensic tools and techniques to discover and confirm your findings
*Stay up-to-date on industry trends, incorporate them into your analysis, and share them with the team
*Collect email snapshots, file shares, and computer backups from cloud providers.
*Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals
*Provide on-call digital forensic support outside of core hours, as needed
*Mentor junior analysts technically and conceptually
*Lead small groups within the team for discernable tasks, including projects and large collection and analysis cases
*Understanding and educating the team about analysis techniques and artifacts of interest
Required Skills:
*Experience in conventional digital forensics
*Experience performing "deep dive" forensic analysis on computers, external drives, and mobile devices
*Correlation of SIEM log data with devices
*Experience leading and contributing to forensic response
*Strong understanding of Operating Systems (Windows, MacOS, Linux)
*Strong understanding of the forensic process from imaging to analysis to report creation.
*Bachelors degree in computer science, cyber security, or a related field and/or 12 to 15 years of prior relevant experience in digital forensics
*Relevant certifications (EnCE, GCFE, GCFA, MCFE, CCO, CCPA, etc)
*Or any combination of relevant experience, education, training, and certifications
Preferred Skills:
*Experience with industry standard forensic software (EnCase, AXIOM, Cellebrite)
*Experience with Splunk (preferred) or other SIEM-type platform
*Knowledge of cloud forensics
*Capable and comfortable communicating with both technical and executive-level stakeholders
*Experience in decrypting password protected drives and files
*Experience with responding to incidents in large cloud infrastructures (AWS, Azure, etc.)
*An understanding of the stages of the Electronic Discovery Reference Model (EDRM)
*Published research papers at conferences or through other mediums (blogs, articles)
*Experience with evidence handling from collection, chain of custody, storing, archiving, and releasing
Clearance Requirements:
*Pre-screening to Start BPSS
*Clearance for Role SC
Intrigued? We’d love to hear from you...
What we do for you:
At Leidos we are PASSIONATE about customer success, UNITED as a team and INSPIRED to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, all while nurturing a healthy work-life balance.
We provide an employment package that attracts, develops and retains only the best in talent. Our reward scheme includes:
• Contributory Pension Scheme
• Private Medical Insurance
• 33 days Annual Leave (including public and privilege holidays)
• Access to Flexible benefits (including life assurance, health schemes, gym memberships, annual buy and sell holidays and a cycle to work scheme)
• Dynamic Working
Commitment to Diversity:
We welcome applications from every part of the community and are committed to a truly diverse and inclusive culture. We foster a sense of belonging, welcoming all perspectives and contributions, and providing equal access to opportunities and resources for everyone. If you have a disability or need any reasonable adjustments during the application and selection stages please let us know, and we will respond in a way that best fits your needs.
Who We Are:
Leidos UK & EUROPE – we work to make the world safer, healthier, and more efficient through technology, engineering and science.
Leidos is agrowing company delivering innovative technology and solutions focused on safeguarding critical capabilit
Senior Digital Forensic Analyst
Location:
This role can be based from home with occasional travel to UK company sites
Looking for an opportunity to make an impact?..
Role Overview:
We are looking for a Senior Digital Forensic Analyst to join the team.
This is an opportunity to join a team of highly skilled and innovative digital forensic and insider threat analysts, and the best group of individuals out there. Leidos’ Cybersecurity Intelligence and Response Team (CSIRT) has an immediate opening for a motivated Sr Digital Forensic Analyst. Leidos is an international company made up of 47,000 employees that provides Defence, Intelligence, and Health Products to our customers. Our goal is to stay ahead of, and maintain a technical advantage using the latest technical advancements, including custom built cybersecurity capabilities.
As a key part of the team, your responsibilities will include conducting forensic analysis and imaging devices locally and across the network according to industry standards and with widely accepted software. You will review digital artifacts for evidence of data exfiltration, insider threat activity, and in support of network intrusions and internal investigations. You will leverage network logs to track assets and work with internal customers to protect Leidos data and assets.
You will be expected to document your forensic process and write reports explaining technical concepts to a non-technical audience. You will work with local and international internal customers to assist them with their investigations and consult with them to determine the best course to take. In this position, you will have the ability to grow through training opportunities, conferences and collaboration with industry peers and adjacent parts of our business. You will be challenged and provided a tremendous opportunity for growth in a highly collaborative and supportive environment.
Primary Responsibilities:
*Analyse digital devices for evidence of data exfiltration, insider threat activity, and in support of internal customers
*Using industry standard practices and software/hardware, image devices locally and over the network
*Support enterprise incident response efforts
*Leverage understanding of tactics and techniques to determine the actions an actor took on their device.
*Employ advanced forensic tools and techniques to discover and confirm your findings
*Stay up-to-date on industry trends, incorporate them into your analysis, and share them with the team
*Collect email snapshots, file shares, and computer backups from cloud providers.
*Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals
*Provide on-call digital forensic support outside of core hours, as needed
*Mentor junior analysts technically and conceptually
*Lead small groups within the team for discernable tasks, including projects and large collection and analysis cases
*Understanding and educating the team about analysis techniques and artifacts of interest
Required Skills:
*Experience in conventional digital forensics
*Experience performing "deep dive" forensic analysis on computers, external drives, and mobile devices
*Correlation of SIEM log data with devices
*Experience leading and contributing to forensic response
*Strong understanding of Operating Systems (Windows, MacOS, Linux)
*Strong understanding of the forensic process from imaging to analysis to report creation.
*Bachelors degree in computer science, cyber security, or a related field and/or 12 to 15 years of prior relevant experience in digital forensics
*Relevant certifications (EnCE, GCFE, GCFA, MCFE, CCO, CCPA, etc)
*Or any combination of relevant experience, education, training, and certifications
Preferred Skills:
*Experience with industry standard forensic software (EnCase, AXIOM, Cellebrite)
*Experience with Splunk (preferred) or other SIEM-type platform
*Knowledge of cloud forensics
*Capable and comfortable communicating with both technical and executive-level stakeholders
*Experience in decrypting password protected drives and files
*Experience with responding to incidents in large cloud infrastructures (AWS, Azure, etc.)
*An understanding of the stages of the Electronic Discovery Reference Model (EDRM)
*Published research papers at conferences or through other mediums (blogs, articles)
*Experience with evidence handling from collection, chain of custody, storing, archiving, and releasing
Clearance Requirements:
*Pre-screening to Start BPSS
*Clearance for Role SC
Intrigued? We’d love to hear from you...
What we do for you:
At Leidos we are PASSIONATE about customer success, UNITED as a team and INSPIRED to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, all while nurturing a healthy work-life balance.
We provide an employment package that attracts, develops and retains only the best in talent. Our reward scheme includes:
• Contributory Pension Scheme
• Private Medical Insurance
• 33 days Annual Leave (including public and privilege holidays)
• Access to Flexible benefits (including life assurance, health schemes, gym memberships, annual buy and sell holidays and a cycle to work scheme)
• Dynamic Working
Commitment to Diversity:
We welcome applications from every part of the community and are committed to a truly diverse and inclusive culture. We foster a sense of belonging, welcoming all perspectives and contributions, and providing equal access to opportunities and resources for everyone. If you have a disability or need any reasonable adjustments during the application and selection stages please let us know, and we will respond in a way that best fits your needs.
Who We Are:
Leidos UK & EUROPE – we work to make the world safer, healthier, and more efficient through technology, engineering and science.
Leidos is agrowing company delivering innovative technology and solutions focused on safeguarding critical capabilit
Job number 1833567