Arete Incident Response is leading cyber-incident response and security provider. Our mission is to help our clients to reduce the burden of preparing for, detecting, and responding to cyber-incidents, while also deploying preventative measures before and post-incident. At Arete, you will have the opportunity to work alongside and learn from some of the top minds in the cyber industry. You will also know that you are contributing to the health and safety of organizations -- not only major corporations, but also critical services such as hospitals and local government.
Our culture is focused on personal growth, excellence in everything we do, and a commitment to giving back to our communities. We are an elite team of cyber superheroes that strives to make a positive impact on the world every day. We seek top talent to join our team and contribute together for our, and your, success.
The Forensic Lead manages all aspects of the Incident Response engagement, including team’s performance, delivery and client development. Operating as industry leader in Incident Response, and trusted advisor, to the client and breach coach ensuring 100% client success! Forensics Leads provide breach coaches and Insurance Carriers tailored detailed analysis and reports on how unauthorized access and cyber intrusion occurred.
Roles and Responsibilities:
- The Forensic Lead is responsible for providing their forensic data and artifact collection requests needed for the forensic analysis and ensuring the data is collected, delivered, and processed in accordance with the project SLT.
- The Forensic Lead is responsible for shadowing on every scoping call they are assigned by the teams IR Ops Associated. The Forensic Lead is responsible for listening to the scoping call in order to have situational awareness and case background from the start of every engagement, so they can drive the forensic investigation forward ensuring the right data is collected and analysis questions answered.
- Supporting the Director, as a Forensic SME for all active forensic analysis for projects on their assigned Tiger Team.
- Responsible for having a personal 50% weekly target utilization that comes from client billable work including forensic analysis, participating in client update or forensic scoping and update findings calls, client correspondence related to forensic analysis, data collection, or investigative questions verbally or in writing.
- Initiates and Manages the forensic data collection process in support of the forensic investigation for the assigned engagement.
- Ensures the forensic project timeline is on track, daily updates are provided from the assigned analysts to the IR Director, and Analyst SLAs are met (i.e. report is delivered on time, interim and final updates are provided on-time when asked.)
- Ensures assigned analysts have the data, context, and clarity they need to conduct accurate and timely analysis.
- Be client facing when needed to assist on forensic update calls to ensure accurate updates are conveyed as they relate to the investigation.
- Communicating both verbally and in writing to answer client and counsel questions related to the forensic investigation.
- Support the Tiger Team IR Director with delegating and managing the Senior Analysts and Analysts who report to Forensic Lead on their respective Tiger Team
- Conducts the performance reviews of all forensic analysts sitting under them on their respective Tiger Team.
- Maintain a case load of at least two cases for which they will conduct forensic analysis. The case load will be maintained alongside the Forensic Lead’s other responsibilities duties.
- Conducts final review of the report from the perspective of the forensic investigator ensuring all possible investigative questions were addressed in the analysis and requesting additional context or analysis when the report requires more work.
Skills and Experience Requirements
- Must have at least 6+ years of incident response or digital forensics experience with a passion for cyber security (consulting experience preferred). 10+ years preferred.
- Proficient with host-based forensics, network forensics, malware analysis and data breach response.
- Experienced with EnCase, Axiom, X-Ways, FTK, SIFT, ELK, Redline, Volatility, and open source forensic tools.
- Experience with a common scripting or programming language, including Perl, Python, Bash, or PowerShell.
- Experience in a security professional services consulting firm.
- One or more Digital Forensic and Incident Response Certifications such as GCFE, GCFA, GNFA, GCTI, GREM, CHFI, CCE, CFC, EnCE, and CFCE.
- BA/BS or MS degree in an IT– or Cyber–related field.
When you join Arete…
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but we’re about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters.
Equal Employment Opportunity
We’re proud to be an equal opportunity employer and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.