Work with Us
Interested in applying for this position?
Email us at email@example.com with your cover letter and resume.
Digital Forensics and Incident Response Analyst
Technical member of Gillware’s data breach, incident response and cybersecurity risk management teams. The primary responsibility of this role will be responding to and investigating organizations impacted by a data breach.
- Perform reactive incident response functions, including but not limited to host-based analysis of Windows, Linux, and Mac OS X systems, to identify Indicators of Compromise (IOCs).
- Provide immediate onsite and remote support for digital forensics, incident response, and litigation support as needed
- Conduct defensible data acquisitions and analysis
- Preserve and analyze data from electronic data sources, including laptop and desktop computers, servers, and mobile devices.
- Process collected data in various digital forensic, litigation support, and data analytics tools
- Produce high-quality oral and written work product, presenting complex technical matters clearly and concisely.
- Demonstrate skill in the identification, collection, preservation, and processing of data as part of the investigation process
- Examine firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity.
- Provide support on incident response engagements to senior level team members to guide clients through forensic investigations, contain security incidents, and provide guidance on longer-term remediation recommendations.
- Ability to perform light travel requirements as needed to meet business demands (on average 20%).
- 1-2 years of incident response or digital forensics experience with a passion for cybersecurity
- Proficient with host-based forensics and data breach response
- Experienced with IR and forensics tools such as Magnet Axiom, EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, Wireshark, TCPDump, and open source forensic tools
- Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field
- Additional core competencies a plus such as data analytics and/or eDiscovery
- GCFE, GCIH, CCE, EnCE or equivalent digital forensics / incident response certification preferred, but not required.
- Established experience with most common operating systems (Windows, macOS, Linux, iOS, Android) and their file systems (ext3/4, HFS+, APFS, NTFS, exFAT, etc.).
- Proficiency with database querying and analysis.
- Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure.
- Experience with conducting log analysis of Windows Event Logs, Apache, IIS, and firewall logs.
- Ability to conduct basic malware analysis.
- Experience with command line tools (grep, sed, awk, PowerShell), Python, and other programming languages.
- Familiarity with computer system hardware and software installation and troubleshooting.
- Well-developed analytic, qualitative, and quantitative reasoning skills and demonstrated creative problem-solving abilities.
- Strong shell, C, C++ and/or Java programming skills and proficiency in Assembler languages a plus.
- Proficiency with MS Office Applications, and familiarity with Windows, Macintosh and Linux operating systems.
- Collaborative, hard-working, energetic team culture
- Excellent benefits – Vision, Medical, and Dental
- 401K with company match
- Unlimited PTO/time off policy
- Bonuses for stellar performance
Gillware provides incident response, digital forensics, cybersecurity, and data recovery services to legal and insurance professionals, corporate IT, in-house security teams, law enforcement, and everything in between. Founded in 2003, Gillware supports a global network of partners and clients from its offices in Madison and Milwaukee, WI. Gillware’s digital forensics operation is led by Cindy Murphy, a leading forensics investigator and educator with over two decades of professional experience in the field. Gillware’s team of computer scientists, researchers and investigators leverages years of experience and state-of-the-art tools to deliver unparalleled results in the most challenging cyber security, digital forensics and disaster recovery scenarios.