Senior Digital Forensics & Incident Response Consultant
Location : Tokyo Metropolis
Post Date : 11 November 2016
Employment Type : Permanent
Job Reference : 22389-FS
Job Classification : Financial Services
Provide incident response and digital forensics services as part of their consulting practice and looking for incident response and forensics analyst consultant.
Our team of experts covers a range of incident assignments, including:
- Analyzing data breaches, determining the cause and extent of data loss, and advising on immediate, mid-term and long-term remediation;
- Briefing and/ or advising executive management on breach response and best practices;
- Handling complex computer forensics investigations and providing expert services in data leakage, employee malfeasance, and APT investigations;
- Providing focused e-discovery consulting, collection and processing;
- Providing breach plan after-action analysis
- Providing CSIRT plan and program development and disclosure planning through tabletop and war gaming scenarios and compliance integration. We’re looking for someone with:
- A love of all things tech
- In-depth incident response/ computer forensic experience
- An understanding of why firms and corporations hire consulting firms and who the competitors are in the field
- Previous consulting exposure is required to understand the lifestyle
- The enthusiasm and sense of humor to be part of a rapidly growing team
- Ability to travel up to 70% (not kidding)
- Provide weekend and holiday coverage when on-call
The right candidate will be obsessed with accuracy but still able to get relevant results to clients ahead of schedule; be able to triage multiple cases; function in a highly confidential environment; survive without an administrative assistant; and able to work in a team or on their own.
While highly technical, the position also requires an understanding of what makes people tick. In particular, the right candidate will have the ability to rapidly shift gears between a techie and an investigative mindset, and have excellent research skills, being able to analyze and synthesize data from different sources.
The position requires on-site investigations at clients’ premises throughout Japan, and potential travel overseas. By the nature of incident response, the job can be 24/7 – though we provide a flexible worksolution environment.
Skills, Knowledge & Ability Requirements
- Fluent Japanese mandatory
- At least 2 years’ active experience as part of an incident response team (either in-house or as a consultant) - for IR Handler
- At least 5 years’ active experience as part of an incident response team (either in-house or as a consultant) and 2 years leading multiple investigations - for Senior IR Handler
- Two or more of the following certifications (one certification from each group minimum): o Group 1: GIAC Certified Incident Handler (GCIH); GIAC Certified Intrusion Analyst (GCIA); GIAC Reverse Engineering Malware (GREM); o Group 2: GIAC Certified Forensic Analyst (GCFA); GIAC Certified Forensic Examiner (GCFE); Encase Certified Examiner (EnCE); Certified Computer examine (CCE); AccessData Certified Examiner (ACE) o Working knowledge of forensic tools such as Encase, FTK, Helix, Knoppix, Slax, Sleuthkit, SIFT, BlackLight and/or MacForensicsLab. o Experience with Unix, Linux, Mac, and Windows systems; a solid understanding of networking, firewalls, and the various protocols involved in data sharing and communications o Working knowledge of current data collection, storage, and chain of custody best practices o Excellent reporting skills (both written and verbal) o Strong PCI (Payment Card Industry) knowledge and experience
Not essential, but nice-to-have, experience:
- Experience with Snort, Nmap, and/or Backtrack. Understanding the managed security services (MSS) and log retention services.
- Ability to surreptitiously monitor a network and construct a honeypot.
- Working knowledge of cell phone/ PDA forensic tools (e.g. Paraben Device Seizure, Guidance Neutrino, BitPim, Cellebrite, AccessData Mobile Kit).
- Experience testifying, preferably as an expert, in the area of digital investigations or info sec best practices.
- Experience presenting to potential clients or trade groups in the area of incident response or computer forensics.
- Knowledge of open-source analysis, collection, and file repair tools.
- Experience scripting (e.g. Perl, Python, Enscript, Bash, PowerShell, and Ruby) and/ or coding.
- Experience with malware assembly / debugging / reversing.
- Experience working in a data-regulated industry (e.g. HIPAA, breach notification laws, PCI, SOX); credit card fraud investigation.