Title: IT Cyber Security Forensic Investigator
Organization: Corporate Functions/Security
Location: Chicago, IL (Not negotiable and not open to remote work)
The Cyber Incident Response Team Investigations (CIRT) is primarily responsible for conducting investigations and also assisting in responding to network infrastructure events.
Conducting Investigations – Primary Responsibilities
CIRT is responsible for establishing a chain of custody for evidence, conducting necessary computer forensics, including bit stream backups of suspect media and hard drive analysis. Investigations may include embezzlement, intellectual property theft, harassment, fraud, business ethics violations, and trafficking of pornography on the Internet or Accenture’s intranet. CIRT’s assistance also extends to mail file reviews and e-mail tracing as needed in support of these investigations. CIRT also, on occasion, provides technical support to Human Resources and Accenture Legal & Commercial offices in conducting internal investigations.
Responding to Network Intrusions and/or Incidents – Secondary Responsibilities
CIRT is responsible for coordinating with numerous groups which could be involved in responding to intrusions, as well as conducting follow-up investigations to such incidents.
Responsibilities May Include:
- Independently leading computer incident investigations, determining the cause of the security incident and preserving evidence for potential legal action
- Perform detailed forensic analysis on computers, phones, any other digital media
Interface with business function owners, legal, human resources, technical personnel and others
- Make recommendations on corrective action for incidents
- Assess artifacts/close incident vulnerability — preserve technical evidence
- Produce security incident and investigation reports/briefings
- Potentially act at an expert witness at criminal/civil trails
- Analyze infrastructure security incidents to determine if incident qualifies as a legitimate security breach
- Teach other team members advanced techniques in forensic investigations
- Extended international travel to lead and train teams in other locations
– Basic qualifications
- Minimum of 3 years of cyber/computer forensic investigative experience
- Minimum of 1 years of Incident response experience
- Minimum of 3 years of experience with digital forensic analysis tools – EnCase, Nuix, and IEF
- Minimum of 3 years of experience in Windows desktop and server OS
- A least 1 recognized professional certifications such as: GCFA, CISSP, EnCE, CISA, GCFE, GCIH, CEH Required
- Acquaintance with tools such as FireEye or ArcSight
- Familiarity with PowerShell, Python, and/or SQL
- Experience with memory analysis software such as Volatility or Redline
- Knowledge of laws related to computer intrusions and data privacy requirements
- IT Security Architecture
- Data Privacy
- Understanding of data networking and computer hardware
- Knowledge of Mac and Linux OS
- Excellent problem solving skills
- Strong oral and written communication skills
- Ability to multi-task and prioritize workload
- Capacity to work independently and within a team environment
- Detailed oriented it investigations and communications
- Ability to communicate technical investigation results to non-technical functions such as HR or legal
- Very strong sense of ethics/values — ability to handle confidential investigations with discretion
Candidates who are currently on assignment as part of the Global Careers program are not eligible for consideration.
Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States and with Accenture (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status).
Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.
Accenture is a federal contractor and an EEO and Affirmative Action Employer of Females/Minorities/Veterans/Individuals with Disabilities.
Equal Employment Opportunity
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.
Accenture is committed to providing veteran employment opportunities to our service men and women.