CRA - Boston, MA

posted about 2 months ago

Full-time - Entry Level
Remote - Boston, MA
Professional, Scientific, and Technical Services

About the position

Charles River Associates (CRA) is seeking an Associate for its Cybersecurity & Incident Response team within the Forensic Services practice. This role is designed for individuals who are curious, analytical, and highly motivated, with a background in Computer Science, Digital Forensics, Information Security, or Information Systems. The ideal candidate will have 2-4 years of relevant experience and a strong understanding of cybersecurity concepts. Associates will be expected to leverage their knowledge and skills to solve complex client problems, work collaboratively within a team, and manage their time effectively while taking ownership of their work. In this position, Associates will execute security and privacy investigations for CRA clients, addressing data security matters such as breach detection, threat analysis, incident response, and malware analysis. They will provide expert digital forensic support for clients and counsel during data security incidents, including drafting forensic reports and potentially testifying as experts in the field. The role involves engaging in problem-solving and forensic analysis of digital information, utilizing standard evidence handling techniques and computer forensics tools. Associates will also be responsible for identifying, researching, and organizing information to assess the appropriateness and sufficiency of available data for effective analysis. They will develop familiarity with various data inputs, including threat intelligence and logging data, and recognize relationships among multiple sources of information to facilitate effective data analysis. Programming and database administration skills will be utilized, with a focus on languages such as Python, T-SQL, VBA, and C#. Quality control measures and documentation will be essential to ensure the reliability of analysis and risk management. 
The role requires forensically acquiring data and images from identified hosts, locating evidence of compromise, and determining the impact through disk, file, memory, and log analysis. Associates will also detect and hunt for unknown malware across multiple hosts, create Indicators of Compromise (IOCs), and track adversary activity through in-depth timeline analysis. Understanding the evidence needed to determine the type of malware used in attacks and identifying lateral movement within client enterprises are critical components of the role. Additionally, providing technical assessments and guidance on cybersecurity controls in accordance with various frameworks will be part of the responsibilities. Participation in practice-building activities, including recruiting and training, is also expected.

Responsibilities

  • Executing security and privacy investigations for CRA clients in response to data security matters.
  • Providing expert digital forensic support for counsel and clients during data security incidents.
  • Assisting in the drafting of forensic reports and testifying as an expert in digital forensics and incident response.
  • Engaging in problem-solving and forensic analysis of digital information using standard evidence handling techniques.
  • Identifying, researching, and organizing information to assess the appropriateness and sufficiency of available data.
  • Developing familiarity with data inputs such as threat intelligence and logging data.
  • Recognizing relationships among multiple sources of information for effective data analysis.
  • Programming, model building, and database administration using languages like Python, T-SQL, VBA, and C#.
  • Ensuring reliability of analysis and risk management through quality control measures and documentation.
  • Forensically acquiring data and images from identified hosts and locating evidence of compromise.
  • Detecting and hunting unknown malware across multiple hosts in an enterprise environment.
  • Creating Indicators of Compromise (IOCs) to strengthen incident response efforts.
  • Tracking adversary activity through in-depth timeline analysis.
  • Understanding the evidence needed to determine the type of malware used in attacks and appropriate defenses.
  • Identifying lateral movement within client enterprises to show how adversaries transition between systems.
  • Using physical memory analysis tools to determine adversary activities on hosts.
  • Examining traffic using common network protocols to identify patterns of activity.
  • Providing technical assessments and guidance on cybersecurity controls according to various frameworks.
  • Participating in practice-building activities including recruiting and training.

Requirements

  • 2-4 years of experience in cybersecurity, digital forensics, or information security.
  • Strong understanding of computer operating systems, software, and hardware.
  • Ability to conduct detailed forensic investigations and analysis of computers, networks, mobile devices, and removable media.
  • Experience with conducting digital forensic analysis using commercial and open-source forensic tools.
  • Experience with conducting static/dynamic malware analysis in a lab environment and threat hunting in a live environment.
  • Strong understanding of proper evidence handling procedures and chain of custody.
  • Experience with drafting technical and investigative reports and communicating technical findings.
  • Experience with utilizing automation tools and scripts to expedite analysis.
  • Understanding incident handling procedures: preparation, identification, containment, eradication, and recovery.
  • Understanding of common attack techniques used by adversaries on victim networks.

Nice-to-haves

  • Digital forensics/incident response training and certifications, including SANS GIAC (GCFA, GCFE, GNFA, GIME), IACIS (CFCE or CIFR), Magnet MCFE, X-Ways X-PERT, or similar.
  • Experience in collegiate computer security competitions.

Benefits

  • 100 hours of training annually through formal and informal programs.
  • Wellness programming to support physical, mental, emotional, and financial well-being.
  • In-house immigration support for foreign nationals and international business travelers.
  • Comprehensive total rewards program including a superior benefits package.