Digital Forensics & E-Discovery Specialist – Senior

SUMMARY: Digital Forensics & E-Discovery Specialist – Senior

XOR Security, an Agile Defense Company, is currently seeking several talented Analysts to support a commercial entity in the transportation sector. The Insider Threat program is a part of an advanced analytics capability of a Focused Operations program that provides comprehensive Computer Network Defense and Response support through monitoring and analysis of potential threat activity targeting the enterprise. The Digital Forensics & E-Discovery Specialist will conduct advanced security event analytics, insider threat monitoring, log analysis, host-based forensics, incident response, and case management. In support of this vital mission, XOR staff are on the forefront of providing Advanced CND (Computer Network Defense) Operations, and Systems Engineering support to include the development of advanced analytics and countermeasures to protect critical assets.

To ensure the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis, and incident response. Strong written and verbal communication skills are necessary. The ideal candidate will have a solid understanding of incident response, forensics investigations, and cyber threats. Additionally, the ideal candidate would be familiar with digital evidence collection, malware analysis, host-based forensic tools, intrusion detection systems, file systems, security information event management platforms, endpoint threat detection tools, and security operations ticket management.

Tools currently deployed:

·      Digital Forensics – Encase, Axiom, The Sleuth Kit (TSK) and Autopsy, Volatility, FTK

·      Cloud Access Security Broker (CASB) - Microsoft

·      Cloud Security Posture Management (CSPM) - Microsoft

·      Cloud Workload Protection (CWP) – Microsoft

·      Extended Detection and Response (XDR) - Microsoft

·      Endpoint Detection and Response (EDR) - Microsoft

·      Security Information Event Management (SIEM) – Microsoft Sentinel

·      Email Security and Phishing Simulation - Microsoft

·      Cyber Deception and Active Defense - SentinelOne

·      Cyber Terrain Attack Path Mapping - RedSeal

·      Enterprise Firewalls and Security Edge Technology – Palo Alto, Cisco, FireMon

·      Identity Detection and Protection – Microsoft, SentinelOne

·      Vulnerability Management Technology – Microsoft, Nessus

·      Web Application Firewalls (WAF) – AlertLogic, Akamai

Required Qualifications:

·      Five (5) to eight (8) years of experience formal education (e.g.: Bachelor’s recommended, but not required).

·      Formal education (e.g.: Bachelor’s not required, strongly encouraged).

·      Digital Forensic or Incident Response Certifications such as: GCIA, GCED, GCFA, GCFE, GCTI, GNFA, GCIH, ECSA, CHFI, CISSP, Security+, Network+, CEH, CND. CCE, CFC, EnCE, CFCE, GREM.

Closing Statement: 

XOR Security an Agile Defense Company  offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits. 

XOR Security an Agile Defense Company  is an Equal Opportunity Employer (EOE). M/F/D/V. 

Citizenship Clearance Requirement 
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and Secret CLEARANCE REQUIRED.