- Deep understanding of forensic artifacts, including analysis of operating system artifacts and recovery of deleted items from Windows, Linux, Mac, and RAM/memory forensics

- Thorough experience analyzing network and operating system log files such as Windows Event logs, Unified Audit Logs, Firewall logs, VPN logs, etc.

- Thorough knowledge of Windows disk and memory forensics, Network Security Monitoring (NSM), network traffic analysis, and log analysis, Unix or Linux disk and memory forensic

- Proficiency with enterprise security controls

- Master of delivering technical findings to non-technical audiences

- Ability to provide findings confidently and factually

- Thorough knowledge and experience handling PII, PHI, sensitive, confidential, and proprietary datasets

- Comprehensive experience with Cyber insurance investigations

Job Requirements :

- Bachelors degree in information security, computer science, digital forensics, or cyber security and 8+ years of incident response or digital forensics experience or Master's degree and 6+ years related experience or Doctorate, and 4+ years related experience

- Mastery of tools like EnCase, Axiom, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, Wireshark, TCP Dump, and other open-source forensic tools

- Possess two or more of the following Certifications : Security +, Network+, SANS GCED, GCIH, GCFE, GCFA, CEH, CH