- Full Time
Lead IT Security forensic investigator for computer security, legal and human resources incidents at PenFed.
Mentor other Incident Response Team and Forensic employees in incident response and forensic skills.
Lead the Incident Response Team and be primary technical incident handler in large incidents.
Responsible for proper handling of evidence in accordance with chain of custody practices including coordination with internal investigators and law enforcement.
Maintain any evidence collected by PenFed, and serve as an expert witness should any criminal prosecutions require it.
Provide forensic and operational support for incident response activities.
Investigate possible intrusions, develop indicators of compromise (IoCs) based on forensic investigation, and add those IoCs to the security automation platform through YARA and/or Snort rules.
Research and develop new forensic methodologies and tools.
Build and integrate findings into a Threat Intelligence workflow and process.
Lead hunting activities.
Research and recommend Digital Forensics and Incident Response products for purchase.
Provide support and escalation for daily monitoring activities.
Create procedures and processes for integrating Digital Forensics into currently existing Incident Response Processes.
Work with project and development teams of new business solutions to define and include incident response related requirements.
Responsible engineer for forensic tools such as EnCase, including installing, maintaining, administering and customizing.
Administer forensic workstation(s).
Bachelor’s Degree in information technology or related field required.
Minimum of ten (10) years of experience in IT Security is required.
Minimum of five (5) years of experience in forensics investigations is required.
Windows forensics experience required.
Complete knowledge of the digital evidence lifecycle from seizure to disposal required.
Extensive knowledge of Windows Operating System and a working knowledge of Active Directory Management required.
EnScript or Python experience required.
Understand network protocols and packet capture preferred.
Linux, Mac, iPhone forensics experience preferred.
Linux administrative experience is preferred.
Malware Analysis skills preferred.
Compiled language experience preferred.
YARA, Snort or other signature writing experience preferred.
Bending, Stretching or Reaching
Talking on the phone, person-to-person & in group
x Hearing on the phone, person-to-person & in group
x Vision for near, mid-range, far, peripheral, depth and color
x Use of computer
x Use of telephone
x Use of office equipment
x Pushing/pulling/lifting/carrying from 5 to 50 lbs.
Founded in 1935, and still growing, we began as the War Department Federal Credit Union. Today, PenFed is one of the country’s strongest and most stable financial institutions with over 1.5 million members and over $21 billion in assets. We serve members in all 50 states and the District of Columbia, as well as on military bases in Guam, Puerto Rico and Okinawa.
Our mission isn’t simply to help our members get by. We exist to help them realize every ounce of their potential. We exist to educate, and to encourage. We exist to usher their dreams into the land of reality.
We provide our employees with a lucrative benefits package including robust medical, dental and vision plan options, plenty of paid time off, 401k with employer match, on-site fitness facilities at our larger locations, and more.
PenFed is an Equal Opportunity Employer. PenFed will maintain and observe personnel policies which will prohibit discrimination or harassment against a person because of race, color, creed, age, sex, gender, religion, national origin, ancestry, genetic information, military or veteran status or obligation, the presence of a physical and/or mental disability and all other statuses protected by applicable state or local law in all recruiting, hiring, training, compensation, overtime, position classifications, work assignments, facilities, promotions, transfers, employee treatment, and in all other terms and conditions of employment. PenFed will also prohibit retaliation against individuals for raising a complaint of discrimination or harassment or participating in an investigation of same. PenFed will also reasonably accommodate qualified individuals with a disability so that they can apply for a job or perform the essential functions of a job unless doing so causes a direct threat to these individuals or others in the workplace and the threat cannot be eliminated by reasonable accommodation or if the accommodation creates an undue hardship to PenFed. Contact human resources (HR) with any questions or requests for accommodation at 703-838-1568.