Cyber Incident Response & Digital Forensics

Cyber Incident Response & Digital Forensics at Eliassen Group Cyber Incident Response & Digital Forensics at Eliassen Group in Long Island City, New York Posted in 5 days ago.

Type:

full-time

Job Description:

Description Hybrid 4+ days onsite in New York, NY Our client seeks a cybersecurity professional with strong digital forensics and incident response experience to support a 24x7 operations environment. The role will investigate incidents, perform memory, disk, and image forensics, and enhance security tooling and processes. The professional will analyze complex security data, communicate findings to technical and executive stakeholders, and help mature security architecture and standards. This role will influence post-incident improvements and contribute to cybersecurity platform objectives. Due to client requirements, applicants must be willing and able to work on a w2 basis. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate:

$70.00 to $90.00/hr. w2 Responsibilities Support a 24x7 cyber operations center through cyber incident investigation, triage, and response activities. Use tools such as Splunk, Microsoft Defender, and CrowdStrike to support incident analysis and response. Collect, interpret, and communicate technical information from investigative artefacts to executive leadership. Conduct memory, disk, and image forensics during active investigations and triage efforts. Communicate clearly with technical and non-technical audiences during incidents and post-incident activities. Provide senior-level consultation for information security infrastructure, including deployment and optimization of tools such as Axiom Forensics, Splunk, Microsoft Defender, and CrowdStrike. Contribute to the development and implementation of security architecture, standards, procedures, and guidelines across multiple platforms. Partner with business and operational infrastructure teams to recommend post-incident security improvements and support implementation. Review and analyze complex security data to provide insights, conclusions, and actionable recommendations. Define, implement, and apply security and continuity of business policies and standards aligned to recognized information security principles. Address high-risk security concerns and incidents, recommend risk mitigation actions, and support the publication of standards. Contribute to broader cybersecurity platform objectives. Experience Requirements Significant experience in digital forensics, incident response, cybersecurity operations, or a related information security function. Experience supporting or operating within a 24x7 cyber operations center environment. Hands-on experience with Splunk, Microsoft Defender, and CrowdStrike, and other incident response or threat detection platforms. Experience conducting digital forensic investigations, including memory, disk, and image analysis. Ability to collect, interpret, and communicate technical incident information to diverse stakeholder groups. Strong verbal and written communication skills for technical and non-technical audiences. Ability to manage multiple priorities, adapt quickly, and work effectively under pressure. Experience supporting enterprise information security infrastructure and optimizing security tooling. Strong analytical and problem-solving skills with the ability to assess complex data and produce actionable recommendations. Understanding of information security standards, controls, policies, and industry best practices. Experience addressing high-risk security concerns and supporting remediation or mitigation efforts. Splunk certification or equivalent demonstrated expertise (preferred). Experience contributing to security architecture and enterprise security standards in large, complex organizations (preferred). Familiarity with continuity of business principles and related security requirements, NIST, ISO (preferred). Previous enterprise cyber incident response experience in a large financial institution (preferred). Education Requirements Splunk certification or equivalent demonstrated expertise.