Host Forensics Analyst SME Remote/Washington, D.C. (1-2 days/week)
Overview: The role of the Host Forensics Analyst SME is to methodically examine all collected Windows host data for evidence of intrusion, malware, or unauthorized activity. The context is an assumed breach for which there is no known starting point other than the identification of anomalies across a wide range of similar machines.
The current environment requires somebody who understands the principles and artifacts beyond automated tools and has the skill set to manually collect and analyze artifacts and host/network behavior that are not covered by automated forensic tools.
Pre-requisite experience necessary for success in this role:
Windows or Linux internals experience.
Incident response investigation experience with actors that depend on "living off the land" techniques.
Experience with adversarial techniques used in offensive cyber actions.
Experience debugging or programming .NET malware.
Desired Experience:
DFIR - forensics and IR experience with a primary focus on EnCase.
Red team - resources with offensive testing engagement experience and a good amount of scripting for data acquisition and such.
THIRD PARTY AGENCIES, SUBCONTRACTORS, AND RECRUITERS NEED NOT APPLY. Applicants received from firms will not be considered. Subcontracting is not available for this position.
We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients.
Job Description: As a valued colleague on our team, you will contribute to collecting, analyzing, and interpreting financial or operational information which could include trend analysis and identification of gaps and opportunities. In this role, you will value assets by assessing current conditions with direction from senior leadership and the support of your team, and recommend debt structures by analyzing refinancing options.