Digital Forensics and Incident Response (DFIR) Senior Associate

PwC

  • Makati City, Metro Manila
  • Permanent
  • Full-time
  • 2 months ago
Line of Service AdvisoryIndustry/Sector Not ApplicableSpecialism Cybersecurity & PrivacyManagement Level Senior AssociateJob Description & Summary A career in our Technology Consulting practice, within General Consulting services, will provide you with the opportunity to help clients seize essential advantages by working alongside business leaders to solve their toughest problems and capture their greatest opportunities. We work with some of the world’s largest and most complex companies to understand their unique business issues and opportunities in an ever changing environment. We help create sustainable change by stimulating innovation, unlocking data possibilities, navigating risk and regulatory complexity, optimising deals, and aligning costs with business strategy to create a competitive advantage.As a member of the team, you’ll work with clients to define their vision and plan how to get there. We deliver the technological solutions organisations need to compete and grow and build a lasting legacy of improvement and performance, partnering with best in class technologies and solution sets. In joining, you’ll help our clients understand and evolve the way they align Information Technology with their business strategy, create integrated end to end solutions, and use enterprise applications to solve complex business problems.About the Role:
  • Manage all aspects of a security engagement from inception to completion.
  • Evaluate and improve the effectiveness of incident response and security policies and programs in use.
  • Examine and analyze available client internal policies, processes, and procedures to determine patterns and gaps at both a strategic and tactical levels.
  • Recommend appropriate course of action to support maturing the client’s incident response program and cyber security posture.
  • Provide evidence, perform data collection, documentation, and structured analysis of forensic data and and present the findings to business users.
  • Perform triage and conduct thorough examinations of all types of digital media within client environment
  • Forensically analyze both Windows & Unix systems for evidence of compromise.
  • Perform log analysis locally and via SIEM/log aggregation tool.
  • Hunt threat actors in large enterprise networks and cloud environments.
  • Analyze and/or decipher packet captures from network protocol analyzers (Wireshark, TCPdump, etc).
About You:
  • Possess university degree(s) in Computer Science, Computer Engineering, Information Systems, Electrical, Electronic, or other IT-related subjects;
  • At least 3 years’ experience in Cyber Security - Digital Forensics and Incidence Response Services
  • Experience with cloud platforms like AWS, GCP & Azure.
  • Proficiency with industry standard forensic tools such as EnCase, FTK, X-Ways, Sleuthkit, UFED.
  • Experience in Endpoint Detection & Response (EDR) tools such as Cortex , Carbon Black , Crowdstrike
  • Certifications such as GCFA, ENCE, CHFI, etc - Preferable
  • Additional Certifications such as GCIH and GREM
  • Demonstrates extensive abilities and/or a proven record of success in the following areas:
  • Network Analysis, Memory Analysis, Endpoint Analysis, Cyber Incident Lifecycle, NIST 800-61; and,
  • Programming Languages such as Python, Perl, C/C++, C#, PowerShell, BASH, and Batch.
Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required:Degrees/Field of Study preferred: Bachelor DegreeCertifications (if blank, certifications not specified)Required SkillsOptional SkillsDesired Languages (If blank, desired languages not specified)Travel Requirements Not SpecifiedAvailable for Work Visa Sponsorship? NoGovernment Clearance Required? YesJob Posting End Date

PwC