Job description:
We are currently looking for experienced IT security professionals with excellent oral and written communication skills and relevant experience in incident response, malware investigation, and network forensics. Candidates are expected to conduct investigations and root cause analysis, onsite or offsite, whenever a client reports a cyber incident.
As part of the job, candidates are expected to have skills and knowledge in:
1. Operating system artifacts, registry keys, Windows event logs, etc.
2. Log analysis and correlation of log files (Active Directory logs, firewall logs, SIEM logs, email tracer logs, etc.)
3. Malware reverse engineering: static and dynamic malware reversing
4. The phases of incident response, including triage, analysis and containment
Understanding of and experience with the following:
1. Candidates should be able to identify and examine malicious software such as bots, worms, ransomware, viruses and Trojans, and should have hands-on experience with the same. Candidates should be able to conduct static and dynamic analysis of malware to examine how the program interacts with its environment. The analyst should also be able to document the specimen's attack capabilities, understand its propagation characteristics, and assist in defining signatures for detecting its presence.
2. Technical knowledge and relevant experience in security domains and technologies related to:
a. Infrastructure/Network security
b. Identity and Access Management
c. Business Impact Assessment
d. Application security
e. Data Leakage Prevention
f. Endpoint Protection
g. Web filtering technologies, proxies and firewalls
h. Vulnerability Assessment / Penetration Testing
i. Cloud security
3. Understanding of Vulnerability Assessment and Penetration Testing
4. Good understanding of malware types, OWASP Top 10 vulnerabilities, malware mitigation techniques, etc.
5. Good understanding of OS, database, application and network device hardening
Desired skill set and work experience:
1. Hands on malware analysis experience (Mandatory)
2. Reverse engineering
3. Static and dynamic analysis of malware
4. Understanding of incident response
5. Understanding of and experience in cyber forensics activities such as forensic preservation/imaging, live imaging, triage, etc.
6. Well versed in networks and devices such as firewalls, switches, routers, VLANs, DLP solutions, etc.
7. Analysis and correlation of Windows event logs, firewall logs, proxy server logs, etc.
Tool experience:
1. Wireshark / TCPView / NetworkMiner
2. PE Explorer
3. Volatility
4. VMware / VirtualBox
5. IDA
6. Log Parser
7. EnCase
8. AccessData FTK
9. OSForensics
Qualifications:
1. BE, BTech, MCA, BCA
Certifications (in addition to standard graduate/postgraduate qualifications):
1. SANS GCFA
2. EC-Council CEH
3. EC-Council CHFI
4. OSCP
5. EnCase Certified Examiner (EnCE)
6. AccessData Certified Examiner (ACE)