As an IT Security Forensic Digital within PNC’s Cyber Response & Forensics organization, you will be based in Pittsburgh, PA.
Support cyber-related investigations and operations by providing forensic acquisition and analysis of various digital media, including computer desktop systems, laptops, tablets, mobile phones and smartphones, and other media formats. Provide technical onsite support to incident response and evidence seizure activities, maintain chain of custody for digital evidence, and detect and analyze malware. Plan, lead, and participate in unit cyber-related training events and on-the-job training for new staff. Analyze and investigate events using an enterprise security information and event monitoring (SIEM) system and logs from firewalls, IDS/IPS, proxies, servers, endpoints and other network devices to determine risk. Perform information security incident response and incident handling based on risk categorization and in accordance with established procedures. Assist in the administration and integration of security tools, including new data/log sources, expanding network visibility and automation. Evaluate and analyze complex malicious code through the use of tools, including disassemblers, debuggers, hex editors, unpackers, virtual machines, and network sniffers. Provide the findings in a technical report with details of the malware, identification parameters, advanced capabilities, and mitigation strategies. Perform research in the area of malicious software, vulnerabilities, and exploitation tactics.
PA – Pittsburgh
PA690 – Data Center
- Recovers and examines data from computers and other electronic storage devices in support of internal investigations, potential criminal matters and e-discovery efforts.
- Examines data from computers and other electronic storage devices in support of internal investigations, potential criminal matters and e-discovery efforts.
- Conducts data recovery operations in order to extract artifacts of evidentiary value, to include both hardware and software based data restoration and the decryption of protected files.
- Provides detailed reporting, in verbal and written formats, in order to support peer PNC investigators and key decision makers.
- Serves as subject matter expert relative to digital forensic investigation, providing consultation to management when necessary.