Listing Description
Job Description:
- Plan and build capabilities to establish and mature the forensics program.
- Conduct detailed technical analysis of internal systems to find indicators of compromise, identify malicious activity, establish timelines of events, and propose technical fixes.
- Set strategy and build forensics capabilities to support Centene’s strategic direction.
- Architect, design and build forensic process and technology. Provide requirements and assist the team in building a forensics lab to meet the needs of the program.
- Establish and mature the forensic program. Incorporate best-in-class process and technology from the Digital Forensics Incident Response (DFIR) community.
- Collect, preserve, and analyze digital evidence from electronic data sources, including laptops, desktops, servers, and infrastructure devices.
- Investigate incidents leveraging common forensics tools to analyze memory, hard drive, malware, and network-based artifacts.
- Prepare and review written technical reports that document case findings and lead the internal development of DFIR policies and procedures.
Preferred:
- Creation of Intelligence Reports and Products
- Data source identification, collection, enrichment and analysis; endpoint and network security analysis
- Creation, research and mitigation of memory corruption vulnerabilities and exploits
- Malware analysis or Reverse Engineering
- Splunk (SIEM) experience in custom queries, searches, creating correlated alerts, and dashboard creation
- Nessus or Nexpose vulnerability scanning, configuration and report generation experience
Education/Experience:
Bachelor’s degree in Computer Science, IT, Security, Forensics or related field. 7+ years of cyber security, forensics, incident response, or threat hunting experience.
License/Certification:
NAC, Certified Ethical Hacker (CEH), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Reverse Engineering Malware (GREM), and Forensics certifications preferred
Desired, subject matter expertise in one or more of the following domains:
- Windows Client / Servers
- Unix / Linux
- Firewalls / ACL
- Networking / Routing
- Cloud Computing
Preferred Certifications:
- GIAC Cyber Threat Intelligence (GCTI)
- Offensive Security Certified Professional
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Pentester (GPEN)
Listing Details
- Salary: $140000 - $160000
- Citizenship: US Citizen
- Incentives: Bonus
- Education: Bachelors Degree
- Travel: No Travel
- Telework: Optional Telecommute