AGM/GM/DGM - Senior Investigator - Cyber Forensics - IT

AGM/GM/DGM - Senior Investigator - Cyber Forensics - IT

The Senior Cyber Investigator is responsible for executing and leading incident response and investigative activities across the enterprise. Candidates in this role will function as the subject matter expert within the disciplines of Incident Response, Cyber Investigations, and Digital Forensics with added responsibility for enhancing and executing all aspects of the Cyber Incident Response program.

Role will require building and maintaining working relationships with multiple business units, information technology teams, and engaging with various levels of senior management.

The job requires an understanding of attack vectors, current threats, and remediation strategies. Candidates in this role will also be expected to possess the technical aptitude necessary to understand digital forensic techniques and analysis tools to support the investigative process.

Candidates will need to establish and maintain positive and productive relationships through ongoing dialogue with department direct reports, technical leads, internal business partners, senior management, and other interested parties. He/she will report status, manage issues and mitigate risks, escalating issues/risks to upper management as appropriate

The Cyber Investigator is expected to perform the following functions.

- Lead/Coordinate actions related to cyber incident response and investigation activities (triage, root cause analysis, forensics, escalations, notifications, communication, etc.); determine severity level of incidents and course of actions to include escalation and communication.

- Providing updates (written reports) to management team.

- Support development of program and training for forensics investigators.

- Continuously evaluate and assess current and future security needs of the organization and make recommendations and business case requests to substantiate changes.

- Provide expertise in investigations that may involve fraud, employee code of conduct violations, criminal activity, and breaches of confidential information and/or intellectual property.

- Partner with Global Information Technology, Risk & Compliance and other internal stakeholders.

Major Areas of Responsibility :

- Major Tasks Manage the investigative program and lab environments

- Must be able to lead and execute cyber incident response and investigation activities.

- Demonstrate technical expertise and forensic skills in relation to investigations of information technology.

- Proficient with digital forensic tools and implementation in a global environment.

- Must able to summarize investigative findings and be able to clearly document the technical details in a written report which could culminate in court testimony.

- Drive consistency and forensic investigative best practices across. Participate in a team environment in order to deliver a seamless service.

- Actively engage the team in Information Security.

- Attend and actively participate in team meetings.

- Participate in training and personal development courses.

- Engage peers to leverage best practices and share knowledge. Manage service processes and procedures.

- Support Information Security activities.

- Review Information Security process documentation on a regular basis.

- Ensure delivery of services to applicable standards, policies and regulations.

Problem Solving :

The Cyber Investigator will present the following challenges an adequate response to which will require some of the following aptitudes.

- Interface with Global Information Technology team, Risk & Compliance organization and other internal stakeholders.

- Requires the ability to respond proactively within the scope of a global, fast-moving corporation.

- Manage escalations, incidents, and complex problems.

- Requires the ability to judge the gravity of a situation and an awareness as to what one can to, personally to bring it to resolution, as well as when to seek assistance.

- Maintain professionalism, solution focus, and loyalty to R&C and the larger objectives of

- Requires the ability to distinguish between client interests and interests and, knowing the distinction, to act in keeping with best interests. Maintain a positive attitude and provide an example of model behaviours to junior staff, particularly those in R&C function o Requires the ability to maintain a perspective on events, understanding service provision is a field that is rife with highs and lows.

Qualifications and Experience Preferred :

- Travel Eligibility - Required - Candidates must be willing/eligible to travel to/from India to other global geographical regions.

- Educational - Degree in Computer Engineering, Computer Science, or other IT related discipline

Professional Qualifications - Desirable :

- CISSP, GCIH (Certified Incident Handler), GCFA (Certified Forensic Analyst), GCFE (Certified Forensic Examiner).or other similar certification. - CISA, CISM and/or CISSP

Experience :

- Strong analytical and problem solving skills

- Strong written and verbal communication skills.

Desirable :

- 5+ years of work experience related to security incident response, digital forensics and investigation activities.

- 3+ years experience with enCase, FTK or other enterprise forensic tools

- Experience developing digital forensics programs and lab environments

- Experience performing malware analysis.

- Understanding of network security risks, exploits, and vulnerabilities.

- Proficiency in all the infrastructure layers, hardware, OS, virtualization, storage, network, database and security

- Familiarity with various global privacy regulations/requirements.

- Ability to mentor/train incident handlers.

Charanpreet