Do you want to work on leading-edge technologies and innovative processes, alongside the brightest minds in protecting organizations against ever-evolving internal and external threats?
Our Cyber Defense organization is searching for experienced digital forensics analysts who can leverage technology, develop and improve processes, and empower organizations to improve and mature our capabilities, allowing us to respond quickly and effectively to any cybersecurity threats in the P&G environment.
• Perform basic forensics investigations and fulfill eDiscovery requests in aid of a cybersecurity, legal or HR investigation
• Use proven industry methods to preserve, collect, analyze and present digital evidence derived from different sources (e.g. end user devices, network, cloud, etc.) to reconstruct events that led to incidents
• Adhere to chain of custody rules for digital evidence, providing it in acceptable formats for legal proceedings
• Assist the P&G Incident Response Team in investigating and resolving security incidents
• Continuously improve and mature our Digital Forensics processes
• Effectively communicate technical information to non-technical audiences and influence others to comply with policies and conform to standards and best practices
• Should have at least basic technical knowledge of the following:
1. Malware Analysis – ability to perform complex analysis to understand the properties and behaviors of malware and propose effective countermeasures and mitigation strategies
2. User Behavior Analysis – ability to piece together user activities to recognize patterns of malicious behavior
3. Log Analysis and Correlation
4. Enterprise Endpoint Security and Email Security
5. Network Security (IPS/IDS), Security Protocols and Operating Systems (Windows, Unix, Linux)
• Preferably with experience with key forensics tools and solutions such as EnCase, Magnet Axiom, Nuix, Cellebrite Inspector/Digital Collector
• Preferably with relevant experience with key security solutions such as CrowdStrike, Proofpoint, Zscaler and Humio
• Ability to work with different groups such as SOC analysts and the Incident Response Team (IRT) in order to mitigate a security threat
• Knowledgeable about different cloud service providers such as AWS, Azure and GCP
• Available to work off hours during the evenings and weekends as required, sometimes with little advance notice
• The ability to work independently and learn quickly
• Proficiency in written English and reading