Crown Castle IT Senior Forensic & IR Analyst in Canonsburg, Pennsylvania
Crown Castle works around the country to build and maintain the infrastructure behind the world’s most revolutionary technologies. Crown Castle owns, operates and leases more than 40,000 cell towers and over 60,000 route miles of fiber supporting small cells and fiber solutions across every major US market. This nationwide portfolio of communications infrastructure connects cities and communities to essential data, technology and wireless service – bringing information, ideas and innovations to the people and businesses that need them. Crown Castle is an S&P; 500 company and one of the largest Real Estate Investment Trusts in the United States with an enterprise value of approximately $60 billion.
Position Title:IT Sr. Forensic & IR Analyst
The IT Sr. Forensic & Incident Response Analyst is responsible for understanding the current and emerging threat landscape; incident response program development, deployment and maintenance; forensic investigation program development, deployment and maintenance; litigation holds and other electronic discovery requests; coordination and execution of all incident response activities enterprise wide and comprehensive reporting of all incidents and investigations. This position combines project-based work and operational assignments. This will require practical use and understanding of forensic, incident response and security protocols and standards, as well as a solid working knowledge of information security principles and practices.
Essential Job Functions
Research attempted efforts to compromise security protocols.
Manage and perform incident response, including digital forensic activities.
Support ongoing internal investigations and litigation matters throughout the entire chain of custody.
Perform file-system analysis and file carving (for example, to extract email, documents, malicious binary code, and other trace evidence).
Establish timelines and patterns of activity of individuals and electronic devices and software.
Create detailed reports that address both technical and non-technical findings and impacts of events and incidents.
Consult with Company Legal team on privacy, policy, and compliance concerns.
Develop remediation plan of actions as a result of investigative discovery within Company business and IT infrastructure.
Communicate with stakeholders to ensure both confidentiality of information and expedient evidence collection.
High school diploma or equivalent
Bachelor’s degree in Computer Science or Engineering or equivalent experience in a related field
Minimum of seven (7) to ten (10) years of experience with enterprise level security networking (CISSP certification preferred)
Must have demonstrated incident response and digital forensic capabilities (Certifications such as GCFA, GCFE, GREM, GCIH, GCIA, ACE, EnCE, and/or CCE are desired)
Must have strong written and oral communication skills
Must be able to work effectively under pressure and meet deadlines
Must be able to multitask and prioritize tasks effectively
Must demonstrate motivation and desire to learn new skills and technologies
Must have strong troubleshooting and analytical skills
Experience managing large and small scale incidents
Experience leading digital forensic investigations
Experience with the following tools: Helix, Encase, FTK, Wireshark, Reg Ripper, NMAP, Truecrypt, Notepad++, FTK Imager, HBGary
Familiarity with the following technologies: Active Directory, Virtualization platforms, Microsoft Windows, Unix, Linux, Mac OS X, LDAP, Active Directory, 802.11 wireless, firewalls, routers, network protocols and architecture, databases, VPN/RAS, IDS/IPS
Experience with log analysis from various formats
Understanding of risk-based frameworks
Understanding of one or more frameworks: PCI-DSS, Sarbanes Oxley, NERC-CIP, HIPAA, FISMA, ISO, COBIT, NIST
Broad information security knowledge and experience
UNIX,LINUX, Windows Operating Systems
Familiar with FTK or similar digital forensics
Strong understanding of network protocols, TCP/IP and host-based firewalls
Strong understanding of encryption
Experience with Malware and reverse engineering of malicious code
Experience writing and interpreting scripts
Reports to:Director Information Security
Title(s) of direct reports (if applicable):N/A
Working Conditions:Works in a normal office setting with no exposure to adverse environmental conditions.
Crown Castle is an Equal Opportunity Employer.
Posting Location: PA - Canonsburg
# of openings: 1