Cyber Security Forensics Analyst

OverviewJoin Con Edison as a Cyber Security Forensics Analyst! We are seeking a highly skilled and motivated individual to join our growing team. In this role, you will be involved in cyber response efforts across both OT and IT environments. You will oversee enterprise-wide forensic collections, manage large-scale response efforts, develop as a member of a high-performing team, and present findings to senior leadership to drive strategic decision-making. If you are passionate about cyber security and eager to make a significant impact, apply now and become a part of our dynamic team. ResponsibilitiesCore Responsibilities • Conduct enterprise forensic collections across IT and OT environments, ensuring accurate and thorough acquisition of evidence. • Analyze and interpret data to identify indicators of compromise, attack vectors, and root causes. • Provide recommendations for corporate incident response plans and post-incident reviews. • Continuously evaluate and improve forensic response processes, tools, and methodologies. • Collaborate with other cyber security teams (e.g., Red Team, vulnerability management, CSOC) to enhance overall detection, response, and mitigation efforts. • Ability to preserve digital evidence through industry standard best practices. • Perform malware reverse engineering and conduct static and dynamic analysis of files when required. • Perform detailed network analysis utilizing "open-source" and commercial tools. • Ability to utilize social media/open source for research. • Identify digital artifacts in a wide range of mobile, embedded, desktop, and server architectures. • Maintain and improve forensics laboratory. QualificationsRequired Education/Experience • Bachelor's Degree and a minimum of two (2) years of Digital Forensics, Incident Response, or other related DFIR experience • Associate's Degree and a minimum of four (4) years of Digital Forensics, Incident Response, or other related DFIR experience • High School Diploma/GED and a minimum of five (5) years of Digital Forensics, Incident Response, or other related DFIR experienceRelevant Work Experience • Previous Digital Forensics/Incident Response experience, required. • Proficient in using known commercial and/or open source, incident response and forensic software, required. • Understanding of industry standard policies, processes, and procedures, required. • Understanding of chain of custody, required. • Previous experience creating timelines and completing a root cause analysis, required. • Proficiency in collecting, analyzing the evidence collected and creating reports based on the findings to different stakeholders: (Technical, Executive, etc.), required. • Knowledge of current and evolving cyber threat landscape, required. • Understanding of OT systems, protocols, and industrial control systems (ICS), required. • Ability to remain agile and work in a fast-paced environment, required. • Highly organized and detail oriented, required. • Demonstrated analytical and impact analysis skills, required. • Ability to handle multiple priorities effectively, required. • Strong ethical standards and commitment to maintain confidentiality, required.Skills and Abilities • Strong verbal communication and listening skills • Demonstrated written communication skills • Demonstrated analytical skills • Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc.Licenses and Certifications • Driver's License Required • Other: Relevant DFIR certifications such as GCIH, GCIA, GCFE, EnCE, GREM, CFCE or similar PreferredAdditional Physical Demands • The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. • Must be able and willing to travel within Company service territory, as needed. • Must be available 24/7, on call, and/or participate in off-hour emergency response activities as required.