Job Posting for Sr. Staff - Forensics Analyst at Charles Schwab Inc.
Your Opportunity
The CSOC consists of 3 work streams: SOC (Security Operations Center), DFIR (Digital Forensics Incident Response) and Cyber Threat-Intelligence. DFIR is responsible for the identification, collection, correlation, analysis, and reporting of computer-related security events and incidents. This includes data collection and analysis from internal and external sources, to achieve the goal of reducing risk to the firm.
This individual works closely with a broad range of professionals at all levels within Schwab technology, internal and external legal, HR, and business representatives. The position will conduct investigations for malware campaigns and social engineering. The Sr. Staff - Forensics Analyst will receive and respond to escalations from the Security Event Center. They will be expected to use Cyber intelligence to proactively seek out threats and protect the firm from harm.
What you are good at
Liaison with Business Units, HR, Legal and/or external entities – Strong EnCase background
Assist in development and maintenance of the DFIR functions
Understand all phases of Incident Response and know which tasks occur at each phase: identification, containment, remediation, recovery, after action reporting/lessons learned
Participate in malware campaigns and malware analysis, including static, dynamic and reverse analysis
Complete technical forensics to include computer, memory, mobile and network forensics
Threat hunting; run searches against the SIEM for data hits or malicious activity
Identify type of attack and mitigating security reaction: Denial of Service attacks (DNS, DDoS, Layer 7, etc.)
Utilize Cyber Intelligence work product for threat hunting and gauging our security posture to further strengthen security controls or providing information regarding findings to cyber intelligence
Develop indicators and cyber intelligence data to supply the Cyber Intelligence function with data for sharing, reporting and metrics
Handle high-level incident response investigations coming from the Security Event Center, such as targeted web application attacks, DDoS attacks, malware analysis or persistent scanning or footprinting activities
Ongoing networking, building intelligence networks
Continuous learning to maintain competitive advantage in the security space
Review of current tools and processes to find efficiencies or increased capabilities
Conduct investigations for malware campaigns, social engineering campaigns, and data breach events
Respond to escalated security events from the SOC in a timely manner. This may include malware analysis, targeted attacks, social engineering campaigns, DDoS attacks and related activities with 24x7 coverage
What you have
Served as Incident Response Handler
Advanced malware analysis and response. Dynamic, Static and reverse analysis
Computer, Memory & Network Forensics knowledge
Knowledge of chain of custody and proper evidence handling
Advanced and current knowledge of malware families, campaigns and related threat groups
Experience with networking environments including Windows networking, Cisco, Juniper
Experience with Unix, Linux, Mac operating systems
Experience with litigation support and e-discovery
Support complex investigations into criminal activity, computer security incidents, policy violations, and compliance inquiries using forensic best practices
Knowledge of social engineering campaigns, exploit kits, tactics and techniques used by threat groups.
Assists in threat hunting operations with the CSOC
Advanced knowledge of network security and DoS/DDoS attacks and mitigation, including DNS and Layer 7 attacks
Advanced knowledge of web attacks and response (Web Application Firewalls, Network Firewalls, etc)
CISSP preferred
Industry Certification Required (this may be application agnostic or a Major Vendor Security Certification). Examples would be GCIH, GCFE, GCFA, CEH, ECIH, EnCE, CISM, CISA or other.
Military education or experience may be considered in lieu of civilian requirements listed
“In addition to the salary range, this role is also eligible for bonus or incentive opportunities.”
Salary.com Estimation for Sr. Staff - Forensics Analyst in Phoenix, AZ
$55,047 to $80,179