Job Description

Overview Come join us at Con Edison as a Senior Cyber Security Forensics Analyst. We are seeking a highly skilled and motivated individual to join our growing team. In this role, you will be involved in cyber response efforts across both OT and IT environments. You will oversee enterprise-wide forensic collections, manage large-scale response efforts, help develop and mentor a high-performing team, and present findings to senior leadership to drive strategic decision-making. If you are passionate about cyber security and eager to make a significant impact, apply now and become a part of our dynamic team.

Responsibilities

• Conduct enterprise forensic collections across IT and OT environments, ensuring accurate and thorough acquisition of evidence.
• Analyze and interpret data to identify indicators of compromise, attack vectors, and root causes.
• Provide recommendations for corporate incident response plans and post-incident reviews.
• Continuously evaluate and improve forensic response processes, tools, and methodologies.
• Serve as a technical SME for more junior members of the forensics team.
• Collaborate with other cybersecurity teams (e.g., Red Team, vulnerability management, CSOC) to enhance overall detection, response, and mitigation efforts.
• Ability to preserve digital evidence, through industry standard best practices.
• Perform reverse engineering malware and conducting static and dynamic analysis of files when required.
• Perform detailed network analysis utilizing open-source and commercial tools.
• Ability to utilize social media/open source for research.
• Identify digital artifacts in a wide range of mobile, embedded, desktop, and server architectures.
• Maintain and improve forensics laboratory.

Qualifications

• Master's Degree and a minimum of (2) years of Digital Forensics, Incident Response, or other related DFIR experience or
• Bachelor's Degree and a minimum of (3) years of Digital Forensics, Incident Response, or other related DFIR experience or
• Associate's Degree and a minimum of (4) years of Digital Forensics, Incident Response, or other related DFIR experience or
• High School Diploma/GED and a minimum of (5) years of Digital Forensics, Incident Response, or other related DFIR experience

• Previous Digital Forensics/Incident Response experience, required.
• Proficient in using known commercial and/or open source, incident response and forensic software, required.
• Understanding of industry standard policies, processes, and procedures, required.
• Understanding of chain of custody, required.
• Previous experience creating timelines and completing a root cause analysis, required.
• Proficiency in collecting, analyzing the evidence collected and creating reports based on the findings to different stakeholders: (Technical, Executive, etc.), required.
• Knowledge of current and evolving cyber threat landscape, required.
• Understanding of OT systems, protocols, and industrial control systems (ICS), required.
• Ability to remain agile and work in a fast-paced environment, required.
• Highly organized and detail oriented, required.
• Demonstrated analytical and impact analysis skills, required.
• Ability to handle multiple priorities effectively, required.
• Strong ethical standards and commitment to maintain confidentiality, required.

• Strong verbal communication and listening skills
• Demonstrated written communication skills
• Demonstrated analytical skills
• Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc.

• Driver's License Required
• Other: Relevant DFIR certifications such as GCIH, GCIA, GCFE, EnCE, GREM, CFCE or similar.

• The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
• Must be able and willing to travel within Company service territory, as needed.

Job Tags

Similar Jobs