Whom are we looking for? 

We are looking for a Digital Forensic Examiner in the Cybersecurity and Digital Forensics Department. We need a highly driven, motivated, creative, reliable, diligent, and clever individual to join our team. We are in a competitive environment and we need to “hack it” with innovative approaches. The desired candidate should have experience with cybersecurity, some hands-on technical experience and theoretical understanding of forensic science and be able to roll up their sleeves and work independently as needed. 
 

Benefits working at LIFARS: 

• Our team works on many cases with FBI, US Secret Service, Europol, Interpol, and other military and intelligence agencies 
• Performance bonus when LIFARS meet quarterly target, around 20% of annual salary 
• Competitive salary and overtime pay 
• Very solid medical, health, dental, vision, and 401(k) benefits 

 

Requirements/Qualifications: 

• Deep technical knowledge of Windows and Linux system (workstations and servers)
• Minimum 3 years of cyber/digital forensic investigation experience
• Minimum 1 year of incident response experience
• Minimum 3 years of experience in Windows desktop, server OS, or Linux
• At least 1 professional certification such as: GCHA, CISSP, EnCE, CISA, GCFE, GCIH, or CEH required 
• Technological skills with cyber security/forensic software (AccessData, Encase, etc.) 
• Microsoft Office (PowerPoint, Excel, Word, Outlook) experience preferred 
   

Responsibilities: 
 

• Conduct digital forensic investigations and remediation, including after breach recovery and technical assessments as a part of the team or team leader 
• Manage cybersecurity and digital forensics engagements for clients- team leader and responsible for lab organization, including policy and physical location as a deputy manager
• Manage on-boarded clients with IR retainers from technical perspective
• Conduct incident response on site in US and North America
• Responsible originator- implement internal security, policies and procedures for IT security areas under the direction of CISO
• Work on various projects for clients – implementations, integrations, consulting and advisory
• Prepare technical and awareness training for internal staff and clients
• Independently lead computer incident investigations, determining the cause of the security incident and preserving evidence for potential legal action
• Perform detailed forensic analysis on workstations, servers, phones, or any other digital media interface with business function owners, legal, human resources, technical personnel and others
• Make recommendations on corrective action for incidents
• Produce security incident and investigation reports/briefings
• Willing to be called upon as an expert witness at criminal/civil trials
• Analyze infrastructure security incidents to determine if incident qualifies as a legitimate security breach
• Teach other team members advanced techniques in forensic investigations
• Able and willing to travel between 30-40% of the time whenever necessary
• Secure evidence and lab equipment management
• Perform security monitoring 8x5 on projects at least 3 days per week
• Examination and reviewing of forensic evidence and cases
• Creation/modification of forensic reports based on examination results
• Virtual machine and workstation management for Cyber Security and forensic purposes
• Office hours are 9am-6pm schedule and some weekends; Reports directly to Forensics Management

Professional Skills:

• Excellent problem solving skills
• Strong oral and written communication skills
• Ability to multi-task and prioritize workload
• Detail oriented investigations and communications
• Ability to communicate technical investigation results to non-technical functions such as HR or legal
• Drive to join the technology cyber security profession
• Confident and dynamic personality
• Ability to work in a fast-paced emerging environment 
• Ability to work under strict deadlines and be part of a team
• Very strong sense of ethics/values — ability to handle confidential investigations with discretion
• Ability and confidence to communicate effectively and coordinate with the internal team    

Preferred Skills:

• Experience with memory analysis software such as Volatility or Redline
• Knowledge of laws related to computer intrusions and data privacy requirements
• IT Security Architecture
• Data privacy
• Understanding of data networking and computer hardware
• Knowledge of Mac and Linux OS

*This position is open to candidates local to New York, as well as remote candidates within the U.S.