Incident Response Forensic Analyst - London based up to £60k
For more information please use my work account - bdonnachie @ firstname.lastname@example.org
No agencies please!
About AccessData Incident Response Services
AccessData is seeking qualified candidates to join our growing team as Incident Response Forensics Analysts. Our incident responders have backgrounds as government and Fortune 100 cyber security practitioners, and our services are regularly enlisted by some of the largest organizations in the world to deal with complex and sophisticated compromises. Because AccessData is also a leading cyber security software developer, our clients have the benefit of working with services experts who have unmatched expertise in the technology and the support of our development team behind them.
Essential Duties and Responsibilities
Conduct highly-confidential investigations for a global client list (e.g., data loss, virus outbreak, advanced persistent threats)
Conduct examination of digital media (hard drives, mobile phones, etc.)
Capture / analyse network traffic for indications of compromise
Review log-based data, both in raw form and utilising SIEM or aggregation tools
Employ best practices and forensically sound principles such as evidence handling and chain of custody
Establish timelines and patterns of activity based on multiple data sources
Identify, document and prepare reports on relevant findings
Utilize varied forensic software such as FTK, EnCase, Helix, etc.
Effectively communicate with clients to establish timelines, manage expectations, and report findings
Required Knowledge, Skills and Abilities
Demonstrated computer forensic investigations experience
Expert-level knowledge of common attack vectors and penetration techniques
Solid working knowledge of networking technology and tools, firewalls, proxies, IDS/IPS, encryption
Demonstrated knowledge of forensic tools such as EnCase, FTK, Helix, Knoppix, Slax, Sleuthkit, SIFT
Experience with malware analysis (reverse engineering)
Excellent technical writing and presentation skills
Ability to successfully interface with clients
Event analysis and correlation
Experience managing large and small scale incidents
Additional Preferred Skills
Strong understanding of networking protocols such as TCP/IP, IPSEC, RIP, EIGRP, OSPF
Experience in a fast-paced consulting organisation
Experience with programming or scripting languages
Familiar with SIEM tools such as ArcSight, NitroSecurity, enVision, etc.
Demonstrated system administration skills
Education / Experience
Bachelor’s degree in computer science, digital forensics or related technical discipline or demonstrated equivalent work experience.
Minimum 5 years required in digital forensics and/or security, with 2 years desired in incident response
Preference given to candidates with current relevant industry certifications (ACE, EnCE, CFCE, CCE, DFCP, GCIA, GCIH, GREM, CSIH, etc.)
**Note: Successful candidate will be required to obtain AccessData ACE certification within 1 year