Senior Computer Forensics Analyst
Philadelphia, PA / New York, NY / Fort Lauderdale, FL / Other
Provide senior-level expertise in digital forensics principles for the acquisition, collection, preservation, and processing of data. Independently capable of conducting a forensic data acquisition and performing a full forensic examination/analysis of Windows and Mac-based desktop/laptop computer systems, servers including Exchange and file shares, mobile devices, and related digital storage media. Experience with incident response (triaging, collection and analysis). Document and report, and be able to provide expert witness testimony for investigations and litigation. Experience managing and mentoring a team of examiners. The senior examiner must be able to use industry-accepted forensic tools such as EnCase®, FTK, and X-Ways.
- Must be able to manage multiple projects and maintain a computer forensics lab.
- Serve on forensic projects and functionally participate in project meetings
- Proactively assist in the management of clients
- Train and mentor staff
- Establish effective working relationships directly with clients
- Generate high quality forensic reports presenting complex technical processes and findings clearly and concisely to technical and non-technical business clients while meeting expected timelines
- Compose affidavits and depositions, and participate in court testimony as needed.
- Conduct or assist with forensic acquisition and preservation of electronic data from a wide range of information technology environments and platforms including social media and mobile devices.
- Conduct on-site and remote imaging and data captures. Coordinate and track all electronic collection activities, maintain chain of custody and project lifecycle documentation to ensure computer forensic protocols are met.
- Research and analyze new technologies and provide recommendations on the best leading-edge technology for organization use.
- Must be competent in digital computer forensics, electronic discovery, and information security.
- Knowledge and experience with Windows, Macintosh, and Linux.
- Firm understanding of information systems security, network architecture, physical server and desktop architecture, virtual infrastructure architecture, general database concepts, and document management concepts.
- Firm understanding of electronic mail systems such as Exchange, GroupWise, Lotus Notes and cloud hosted services.
- Experience with EnCase®, FTK, Oxygen, Cellebrite, IEF, et al.
- Ability to establish, maintain and execute all components of an incident response plan, from incident intake through root cause analysis, technical remediation analysis, and reporting
- Must be very detail-oriented
- Must be able to interact with other staff and clients, in person or by phone.
- Critical thinker, problem solver.
- Must hold 2 or more industry-recognized digital forensic certifications: A+, CFCE, CCE, GCFA, GCFE, EnCE, ACE, CCME, or similar certification
- Cyber/network-related certifications (one or more): Network+, Server+, GREM, GNFA, CISSP, CCNA, CCNP, or similar certification
- Excellent written and oral communication skills.
- Ability to create exceptional, detail-oriented, client deliverables.
- Experience with scripting and programming languages such as C#, Java, Python, Perl, Bash scripting, PHP, etc., a plus.
- Law enforcement background (not required but a plus).
- Government background (not required, but a plus).
- 7+ years of professional work experience in the field conducting computer forensics investigations, post-incident response, and network forensics
- Experience testifying in court, Grand Jury, or other legal proceedings through testimony, sworn affidavits, declarations, or other legal instruments.
Capsicum Group, LLC is a technology and consulting company dedicated to helping organizations achieve success with complex legal, regulatory and technology projects. Capsicum Group, LLC (Capsicum) was founded in 2000 and focuses its practice on various disciplines including digital forensics, data recovery, regulatory compliance, privacy, cyber security and electronic discovery.