Principal Digital Forensics Analyst

Other Locations

• Clayton, MO, US
• Getzville, NY, US
• Rancho Cordova, CA, US
• Tampa, FL, US

• Plan and build capabilities to establish and mature the forensics program.
• Conduct detailed technical analysis of internal systems to find indicators of compromise, identify malicious activity, establish timelines of events, and propose technical fixes.
• Set strategy and build forensics capabilities to support Centene’s strategic direction.

• Architect, design and build forensic process and technology. Provide requirements and assist team in building Forensics lab to meet needs of the program.
• Establish and mature forensic program. Incorporate best in class process and technology from Digital Forensics Incident Response (DFIR) community.
• Collect, preserve, and analyze digital evidence from electronic data sources, including laptops, desktops, servers, and infrastructure devices.
• Investigate incidents leveraging common forensics tools to analyze memory, hard drive, malware, and network based artifacts.
• Conduct detailed technical analysis of internal systems to find indicators of compromise, identify malicious activity, establish timelines of events, and propose technical fixes
• Prepare and review written technical reports that document case findings and lead the internal development of DFIR policies and procedures.
• Security related certifications preferred

• Bachelor’s degree in Computer Science, IT, Security, Forensics or related field.
• 7+ years of cyber security, forensics, incident response, or threat hunting experience.
• Preferred Skills:
  • Live host forensics
  • Creation of Intelligence Reports and Products
  • Data source identification, collection, enrichment and analysis, Endpoint, Network security analysis
  • Creation, research and mitigation of memory corruption vulnerabilities and exploits
  • Malware analysis or Reverse Engineering
  • Splunk (SEIM) experience in custom queries, searches, creating correlated alerts, and dashboard creation
  • Nessus or Nexpose vulnerability scanning, configuration and report generation experience

• Certified Ethical Hacker (CEH)
• GIAC Certified Forensic Examiner (GCFE)
• GIAC Reverse Engineering Malware (GREM)
• GIAC Cyber Threat Intelligence (GCTI)
• Offensive Security Certified Professional
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensic Analysist (GCFA)
• GIAC Certified Pentester (GPEN)