Forensic Lead
Hyderabad
Arete
Arete is transforming the way businesses and governments manage cyber risk through proven incident response, tech-enabled managed services, and powerful data insights.Summary
The Forensic Lead manages all aspects of the Incident Response engagement, including the team’s performance, delivery, and client development. Operating as the industry leader in Incident Response, and trusted advisor, to the client and breach coach ensuring 100% client success! Forensics Leads provide breach coaches and Insurance Carriers tailored detailed analysis and reports on how unauthorized access and cyber intrusion occurred.
Roles & Responsibilities
- The Forensic Lead is responsible for providing their forensic data and artifact collection requests needed for the forensic analysis and ensuring the data is collected, delivered, and processed by the project SLT
- Responsible for shadowing on scoping calls they are assigned to by the teams IR Ops Associated
- Responsible for listening to the scoping call to have situational awareness and case background from the start of every engagement, so they can drive the forensic investigation forward ensuring the right data is collected and analysis questions answered
- Supporting the Director, as a Forensic SME for all active forensic analysis for projects on their assigned Tiger Team
- Responsible for maintaining target utilization that comes from client billable work including forensic analysis, participating in client update or forensic scoping and update findings calls, client correspondence related to forensic analysis, data collection, or investigative questions verbally or in writing
- Initiates and manages the forensic data collection process in support of the forensic investigation for the assigned engagement
- Ensures the forensic project timeline is on track, daily updates are provided from the assigned analysts to the IR Director, and Analyst SLAs are met (i.e. report is delivered on time, interim and final updates are provided on time when asked)
- Ensures assigned analysts have the data, context, and clarity they need to conduct accurate and timely analysis
- Be client-facing when needed to assist on forensic update calls to ensure accurate updates are conveyed as they relate to the investigation
- Communicating both verbally and in writing to answer client and counsel questions related to the forensic investigation.
- Support the Tiger Team IR Director with delegating and managing the Senior Analysts and Analysts who report to Forensic Lead on their respective Tiger Team
- Conducts the performance reviews of all forensic analysts sitting under them on their respective Tiger Team
- Maintain a caseload of at least two cases for which they will conduct forensic analysis. The caseload will be maintained alongside the Forensic Lead’s other responsibilities duties
- Conducts final review of the report from the perspective of the forensic investigator ensuring all possible investigative questions were addressed in the analysis and requesting additional context or analysis when the report requires more work
- Other duties as assigned
Skills & Knowledge
- Must have 8+ years of incident response or digital forensics experience with a passion for cybersecurity (consulting experience preferred).
- Proficient with host-based forensics, network forensics, malware analysis, and data breach response
- Experienced with EnCase, Axiom, X-Ways, FTK, SIFT, ELK, Redline, Volatility, and open-source forensic tools
- Experience with common scripting or programming language, including Perl, Python, Bash, or PowerShell
- Experience in a security professional services consulting firm
- One or more Digital Forensic and Incident Response Certifications such as GCFE, GCFA, GNFA, GCTI, GREM, CHFI, CCE, CFC, EnCE, and CFCE
- BA/BS or MS degree in an IT– or Cyber–related field
Disclaimer
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties and skills required personnel so classified.
Work Environment
While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodations may be made to enable people with disabilities to perform the essential functions of this job.
Physical Demands
The only edits made to the section should be regarding travel requirements.
- No physical exertion required.
- Travel within or outside of state.
- Light work: Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force as frequently as needed to move objects.
Terms of Employment
Salary and benefits shall be paid consistent with Arete salary and benefit policy.
FLSA Overtime Category
Job is exempt from the overtime provisions of the Fair Labor Standards Act.
Declaration
The Arete Incident Response Human Resources Department retains the sole right and discretion to make changes to this job description.
Equal Employment Opportunity
We’re proud to be an equal opportunity employer- and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
Arete Incident Response is an outstanding (and growing) company with a very dedicated, fun team. We offer competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k) and the opportunity to work with some of the latest and greatest in the fast-growing cyber security industry.
When you join Arete…
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but we’re about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters.
Equal Employment Opportunity
We’re proud to be an equal opportunity employer- and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Bash CFCE CHFI ELK EnCase EnCE Forensics GCFA GCFE GCTI GNFA GREM Incident response Malware Perl PowerShell Python Scripting SLAs
Perks/benefits: Competitive pay Insurance Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs