Forensic Analyst Engineer - Trace3 irvine, ca Bookmark Share Print 413 0 6

Listing Description

What You’ll Bring to Trace3:

• Demonstrated interest in the field of digital media forensics; involving intellectual property theft, human resources (HR) issues, compromised systems, and malware investigations.

• Can speak to the importance and requirements of chain of custody, media imaging, digital forensic processes and procedures for common media and systems; with the willingness and drive to constantly improve these procedures.

• Understanding of computer file and operating systems (UNIX, Windows, Mac OS, Linux), hardware (desktop, laptop, server), file systems (NTFS, FAT, HFS/HFS+, EXT2/3), email data formats (EDB, PST, NSF, MBOX, EMLX, EML, MSG, etc.), file metadata, electronic documents, databases (SQL, Oracle, etc.) and document management systems (Documentum, SharePoint, etc.) as they relate to forensic data acquisition and analysis.

• Understanding of data collections from cloud and web services for eDiscovery and forensic acquisitions (e.g. Social Media, Gmail, Hotmail, Dropbox, Amazon, iCloud etc.).

• Understanding of data collections from email archiving appliances.

• Understanding of file system forensics.

• Understanding of email analysis, signature and hash analysis, timeline analysis, registry analysis, and Internet history analysis.

• Understanding of forensics tools such as EnCase, Forensic Toolkit (FTK), Xways, Nuix, Paraben, and other common toolsets in the forensics profession.

• Understanding of steganography and encryption detection and analysis

• Excellent oral and written communications skills for working with a diverse professional clientele with varying levels of technical experience. Ability to interact with customers and co-workers both in person and in writing.

• Ability to research highly technical topics and derive logical conclusions using well thought out processes.

• Ability to combine information from various sources into clear, concise technical documents that explain the background and procedures for detecting and mitigating risks.

• Must be able to quickly parse out "the big picture" from copious amounts of information, yet dwell on the minutia whenever necessary.

• Possess and nurture a hacker mentality: Being able to visualize issues and possible solutions outside the box.

• A willingness and desire to learn.

• Must be a conscientious, punctual, professional and devoted member of our team; with the ability to safeguard sensitive, restricted, and other information deemed to have special handling and dissemination protocols.

• Highest level of ethics and core values. This role and our team demands excellent character and discretion in handling sensitive and critical information, as well as the ability to pass financial and criminal background checks.

• Effective when working under pressure and good enough to make sure that rarely happens.

• Ability to travel within the continental United States up to 30 percent of the time for company and client meetings, conferences, and engagements.

• Bachelor's degree, a combination of experience and/or Associates degree, or an equivalent combination of equivalent education and work experience. Degree must be from an accredited institution, with degree in a technical discipline or significant coursework in software development, information security, forensic sciences, and/or information technology is preferred.

• At least one (1) years in Information Technology and/or Information Security, including information security risk management, including intrusion analysis, monitoring and detection, threat/vulnerability analysis, digital forensics.

Preferred Skills:

• Understanding of how legitimate users administer, use, and secure common operating systems and cloud platforms, and how malicious actors exploit them.

• Understanding of how legitimate users administer, use, and secure common consumer and enterprise network devices and systems, and how malicious actors exploit them.

• Understanding of information security architecture, mitigation of threats, compensating controls, and the Cyber Kill Chain.

• Understanding of computer networking, routing, and protocols.

• Familiarization with malware analysis, and reverse engineering.

• Familiarization with various scripting and programming languages such as Python, Perl, Java, PowerShell, etc with a focus in forensic tool and script development.

• Having or planning to have certifications in information security and digital forensics are a plus.

The Perks:

• Work with a team of experienced information security professionals who are published authors, requested speakers at conferences, and are active in the information security and hacker communities – who help each other learn and grow personally and professionally.

• Competitive Compensation

• Comprehensive medical, dental and vision plans for you and your dependents

• 401(k) retirement plan, 529 college savings plan, life insurance, and AD&D

• Training and development programs

• Stocked kitchen with snacks and beverages

• Collaborative and cool office culture

• Work-life balance, where we don’t encourage fun and relaxation time; we actually require it

• Unlimited vacation to relax, restore and refresh

This position is a regular, full-time opportunity with Trace3 in Irvine, CA. . Alternative locations would include Denver, Colorado; Phoenix, Arizona; or San Diego, CA with occasional remote work opportunities.• Perform digital forensics and eDiscovery services including forensic digital evidence collection and preservation, forensic analysis, data recovery, electronic mail and file extraction, and database examinations. Extract evidence from computers, phones, tablets, cameras, thumb-drives, and just about any other form of digital media.

• Conduct analysis on findings, pulling together indicators of compromise (IoCs), event timeline, and summary of situation with recommendations for mitigation and path forward.

• Present evidence and findings to leadership, customers, and possibly law enforcement and legal entities.

• Take an active role in developing and deploying sound and well-documented digital forensics-related products and services, provide ongoing support, and implement improvements that advance the effectiveness and efficiency of our digital forensics efforts. Develop user guides to standardize practices across the organization and increase efficiency.

• Develop, test, deploy, update, and patch computers, forensic software and forensic equipment (such as writeblocks and standalone data acquisition devices (imagers)); as well as various types of network equipment, such as switches, routers, and monitoring devices needed for our operations.

• Provide support to assemble, configure, modify, test, maintain, and prepare computer, digital forensics, and network equipment to support the continual operational use of digital forensics investigations.

• Sanitize, prepare, and label digital media for use, in line with our standards.

• Manage projects from start to finish detailing to clients the importance of each step, providing proper guidance. Report project progress as required, both internally and externally.