
Cybersecurity Analyst - Digital Forensics and Incident Response

Pittsburgh PA

We are looking for a Junior Cybersecurity Analyst who is passionate about defensive security and progressing the cyber maturity of our clients. The ideal candidate will be an innovator who will need to dive deep into a large number of unknowns, using his or her security expertise to uncover problems within client environments and identify opportunities to increase the overall capabilities of the Schneider Downs cybersecurity practice.

Our successful candidate will have the opportunity to engage with systems that are at the cutting edge of technology and scale. We are also looking for someone familiar with the incident response process who is capable of commanding critical incidents, engaging with senior leadership, developing other junior team members and leading our organization’s initiatives.

What you will do

  • Host/network-based forensic investigations
  • Develop custom reports based on data from multiple data sources, including security appliances, network sensors, and outside intelligence feeds
  • Present technical material in a clear, organized briefing to a mix of technical and non-technical personnel
  • Fully scope and present findings for a broad range of incidents, from nation-state APT to financially motivated cyber-crime incidents
  • Develop, document and manage a containment and remediation strategy for customers
  • Maintain current knowledge of tools and best practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response

Qualifications

  • Support large-scale technical projects for clients, mainly incident analysis and forensics
  • Experience in an analytical role of either network forensics analyst, threat analyst, incident response or security engineer/consultant
  • Collaborate with team members on a global scale and serve as part of a global on-call rotation
  • Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
  • Experience with advanced computer exploitation methodologies
  • Ability to integrate data from multiple sources and present concise, relevant information to a non-technical audience
  • Understanding of the workings and analysis of TCP/IP network communication protocols
  • Practical working knowledge of the incident response lifecycle (detection, identification, containment, analysis, remediation and reporting)
  • Develop detailed reports on root cause analysis and recommendations related to computer incidents
  • Strong communication and presentation skills, along with the ability to work in a highly collaborative environment
  • Related certifications a plus (GCIH, GCFE, GCFA, GREM, GNFA, A+, Network+, and/or Security+)
  • Basic understanding of legal, regulatory and compliance requirements (GDPR, PCI, HIPAA, SOX, etc.)

Background

  • Bachelor’s Degree

We Value Knowledge or Experience in the Following Areas

  • Incident Commanding / Response
  • Network and Host Forensics
  • Operating Systems (Windows, Linux, MacOS)
  • Automation (e.g., Python, Shell, PowerShell)
  • Windows / Unix / Mac / Network Log Analysis
  • Presentations to executive leadership
  • Technical training / mentoring of others
  • SIEM deployment or management
  • EDR solutions
  • Forensic recovery of evidence
  • Malware analysis
  • Strong firewall and networking background
  • Windows administration knowledge to include:
    • GPO configurations
    • Server and workstation hardening
    • Backups; system recovery
    • Sensitive registry hive values
  • Network traffic analysis
  • Knowledge of what an effective security architecture entails