Sr Digital Forensics Incident Response Analyst

Job Description

Senior Analyst, Digital Forensics Incident Response

Thermo Fisher Scientific's Mission is to enable our customers to make the world healthier, cleaner, and safer, and the global coronavirus (COVID-19) outbreak is a powerful reminder of the importance of that Mission! In fact, Thermo Fisher is at the forefront of the global response to COVID-19. We are working with governments, agencies, industry partners and researchers globally to ensure priority access to instruments, consumables, safety supplies and other products to address the outbreak. Our efforts have been particularly focused in supporting analysis of the virus, diagnosis, personal protection, and helping in the development of new therapeutics and vaccines!

Job Title: Senior Threat Analyst, Digital Forensics Incident Response

This role shares global responsibility for digital forensics and incident response in relation to cybersecurity threats and incidents impacting the company. Additionally, this individual will improve upon existing capabilities through the development of additional processes and technical solutions.

What will you do?

• Conduct digital forensic investigations in response to high or critical security incidents independently or as part of a team
• Develop and share relevant threat intelligence with various team members to improve existing detection and response capabilities
• Lead development of forensic playbooks and scalable procedures, and evaluate/recommend technical solutions to reduce risk across the enterprise
• Develop solutions and strategies to build and deploy scalable tools to enable incident response for the team and the global SOC
• Provide mentorship and guidance to junior team members
• Apply your knowledge of the current and emerging threat landscape to active threat hunting exercises

How will you get here?

Education

• Bachelor's Degree in cybersecurity, computer science, engineering, or another relevant field.
• Relevant technical certifications a plus, such as: GCIH, GCFA, GCFE, GREM, GCTI and others
• Equivalent work experience also accepted

Experience

• 5+ years of combined cybersecurity experience, particularly in forensics, architecture, and incident response fields
• In depth experience with Windows, Linux, and MacOS
• Experience in using one or more of the following: Magnet Axiom, AccessData FTK, Encase, X-Ways, The Sleuth Kit/Autopsy, Volatility
• Experience automating workflows with one of the following PowerShell, Bash, Python
• Familiarity with the TCP/IP suite of protocols
• Experience conducting forensic investigations based on EDR, XDR, memory, disk, and log-based evidence
• Experience conducting static and dynamic malware reverse engineering
• In depth knowledge of Cloud, Web Application and API security, including conducting forensic investigations on their technology stacks
• Familiarity with Windows and Unix process and memory structures

Knowledge, Skills, Abilities

• Strong English skills
• Attention to detail and excellent documentation skills
• Ability to explain technical details to business leadership with a focus on encouraging technical changes or investment where appropriate

What is in it for you?

• A competitive salary and performance related bonus structure
• Exposure to market leading & innovative technologies
• Career development opportunities as part of a leading global organization

At Thermo Fisher Scientific, each one of our 100,000+ extraordinary minds have a unique story to tell. Join us and contribute to our singular mission-enabling our customers to make the world healthier, cleaner, and safer.