H.T. Associates, Inc. – Chicago, IL
|Location: Chicago, IL Summary: Our client is a $30B+ global company that holds the #2 market position in their industry and is committed to a major transformation that includes centralizing and growing their cybersecurity team as well as a move to be a very nimble, open source development, and cloud enabled organization. We are partnering with them to assist in filling a DFIR role on this growing cybersecurity team. This individual will have strong enterprise experience and will be looked at to help build up the forensic team capability (this person could have a big voice/say in what changes are made or new technologies are brought in for support). This DFIR engineer will perform intelligence-driven network defense supporting the SOC capabilities (Threat Intelligence, Threat Hunting, and Incident Monitoring/Response/Handling, et al.) The role involves forensic analysis of online and offline (“dead-box”) hosts and network logs associated with information security incidents discovered by the Threat Hunting and Monitoring capabilities. The role is supported by large amounts of data from vendor SaaS tools and internal sources, including various indicator feeds, SIEM, several threat intelligence tools, case management tools, forensics hardware/software, etc. in order to assist the DFIR team in contributing a near-complete technical understanding of information security incidents. The candidate will perform the functions of a digital forensics examiner team lead and collaborate with other teams in the Security Operations Center.
Contact Information: For immediate consideration please email a resume to [email protected]