_csis investigations grp mgr.
is responsible for supporting business-as-usual (bau) cyber investigations throughout the incident response lifecycle.
investigations take place in diverse technical and operational environments and involve coordination of activities with local and global multidisciplinary groups.
the objectives of the investigations conducted by csis are to identify underlying control failures and root causes, identify network security incidents and cyber events._
*main responsibilities*:
- conduct professional and independent cyber investigations in order to identify underlying control failures and root causes, enforce the policies of the firm, identify network security incidents and cyber events, and cause and/or support prosecutions and civil litigation.
- if appropriate, conduct and/or support teams conducting in-depth forensic analysis.
- document investigation activities in the investigations' tracking system.
- work with multidisciplinary groups for defining remediation activities, when applicable.
- work with peer investigators from other regions for global investigations.
- engage with strategic initiatives analyst team and gia teams for relevant investigation analysis.
- engage with hr teams to provide guidance about sanctions to involved employees.

this position is described as an individual contributor; it has no reports.
this position does not have any responsibility of budget administration.
in the short term, it is expected this position supports an average of eight cases per month (regional or global).
*qualifications*:
*education, experience and knowledge*:
- computer science college degree.
- 3+ years working in computing-related roles.
- excellent communication and presentation skills, analytical ability, strong judgment and leadership skills, and the ability to work effectively with clients and it management and staff.
- ability to communicate technical issues to technical and non-technical individuals.
- ability to understand strategic objectives and vision, and work towards those goals.
- dedicated and self-driven desire to research current information security landscape.
- exhibit strong influencing / negotiation skills as well as written/verbal communication skills.
- ability to work without constant supervision.
- ability to share knowledge with teammates.
- advanced english proficiency (verbal, writing and reading skills).
*intermediate proficiency level in the following operating systems*:
*linux/unix*
- system administration
- advanced command line
- shell code
- networking
- file system
- linux security
- linux hardening
- memory dump
- application security
- linux security and admin utilities
- digital forensics is a plus.
- gcux or similar certification is a plus.
- linux cryptographic tools is a plus.
*windows*
- system administration
- advanced powershell code
- networking
- file system
- windows security
- windows hardening
- application security
- windows security and admin utilities
- digital forensics is a plus.
- windows cryptographic tools is a plus.
- other os such as solaris, aix, hp-ux, mac os x is a plus.
*networking*
understanding of networking protocols and infrastructure designs, including routing, firewall functionality, host and network intrusion detection/prevention systems, encryption, load balancing, and other network protocols.
*development tools*
basic experience writing perl, python, scripting, programming, or other languages; advanced experience is a plus.
*cloud computing*
experience in aws, azure and google cloud environments is a plus.
*others*
experience with reverse engineering malicious code, disassembler tools and web/network penetration testing is a plus.
- *job family group*:
corporate services
- *job family*:
investigations
- *time type*:
full time

citi is an equal opportunity and affirmative action employer.
qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.