Digital Forensics and Incident Response (DFIR) Manager

Atlanta, GA
Sorry, this job was removed at 12:58 p.m. (CST) on Wednesday, August 24, 2022

Description

Cognizant has an immediate opening for a Digital Forensics and Incident Response (DFIR) Manager. If your background meets the requirements and skills listed below, this could be the ideal opportunity for you!

Location: Any US Location

Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

Job Summary:

Cognizant requires Cyber Investigations Analysts to expand and manage the Cyber Security Threat Intelligence and Cyber Security Incident Response Team (CSIRT) functions for its Healthcare and Corporate services line of business. The individual will contribute to the functional management and oversight of the collection and analysis of threat intelligence, event analysis, malware analysis, automation and orchestration, and incident response.

Roles and Responsibilities:

  • Contribute to the execution of Cyber Security operations, incident response, and investigations spanning across all functions of the Corporate Security organization.
  • Perform Cyber Security operations as directed by the Cognizant standard processes and procedures.
  • Rapidly and accurately determine the source of a security incident and move quickly to identify and apply containment, mitigation, and remediation steps.
  • Leverage the corporate incident case management solution to document and report on incidents to meet audit, compliance, and legal requirements.
  • Conduct in-depth root cause analysis on complex malware and user/system behaviour events.
  • Gather and analyze forensic evidence for cyber security incidents and investigations.
  • Design and implement threat and event analysis automation to improve the speed and accuracy of incident identification and mitigation
  • Develop and document enhanced event analysis and incident response processes and procedures

Qualifications:

  • The candidate should have a bachelor's degree in Computer Science, Electronics, or related field, or equivalent experience
  • 3-5 years of experience with digital forensics, incident response, or information security analysis
  • Experience using Windows, Linux, and macOS and basic internal protocols, including TCP/IP
  • Experience with host-based forensic analysis and techniques
  • Experience conducting malware analysis using both static and dynamic methodologies.
  • Experience with network intrusion analysis and techniques
  • Knowledge of configuring and implementing technical security solutions, including SIEM, IDAM, IDS/IPS, EDR, vulnerability management or assessment, malware, or forensics
  • BA or BS degree in IT, CS, or Cyber

Additional Qualifications:

  • Experience with a common scripting or programming language, including Perl, Python, Bash, or PowerShell
  • Experience with QRadar, Cisco AMP, Magnet AXIOM and SIFT tool sets.
  • Experience with commonly used forensic toolsets, including EnCase, FTK, or BlackLight.
  • Experience with cyber security automation and orchestration development, including advanced scripting in multiple languages such as Python, Ruby, PowerShell, etc.
  • Experience performing forensic analysis of systems with purpose-built solutions or by manual process and open source utilities as appropriate.
  • Experience reviewing raw logs and performing advanced data correlation and analysis (e.g. firewall, network flow, IPS, endpoint protection, web application, host OS, database, AAA, etc.).
  • An active Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Examiner (GCFE), or GIAC Certified Forensic Analyst (GCFA) certification, or another equivalent certification related to cyber forensics and incident handling, is a plus.


Salary and Other Compensation:

The annual salary for this position is between $105K and $125K, depending on experience and other qualifications of the successful candidate.

This position is also eligible for Cognizant's discretionary annual incentive program, based on performance and subject to the terms of Cognizant's applicable plans.

Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:

  • Medical/Dental/Vision/Life Insurance
  • Paid holidays plus Paid Time Off
  • 401(k) plan and contributions
  • Long-term/Short-term Disability
  • Paid Parental Leave
  • Employee Stock Purchase Plan

Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.


More Information on Cognizant
Cognizant operates in the Information Technology industry. The company is located in Teaneck, NJ, New Haven, CT, Edina, MN, Englewood, CO and Phoenix, AZ. It has 301,000 total employees.