Associate/Cybersecurity & Incident Response (Forensic Services practice)

Job Description

Charles River Associates (CRA) is seeking a highly motivated and analytical Associate to join their Forensic Services practice, focusing on Cybersecurity & Incident Response. This role involves supporting companies in responding to allegations of fraud, waste, abuse, misconduct, and non-compliance. The ideal candidate will have 2-4 years of experience and a background in Computer Science, Digital Forensics, Information Security, or Information Systems.CRA offers robust skills development programs, including 100 hours of training annually, and a comprehensive total rewards program.Responsibilities:

• Executing security and privacy investigations for clients.
• Providing expert digital forensic support for counsel and clients.
• Assisting in drafting forensic reports and affidavits.
• Engaging in problem-solving and forensic analysis of digital information.
• Identifying, researching, and organizing information to assess data sufficiency.
• Programming, model building, and database administration.
• Ensuring reliability of analysis through quality control measures.
• Forensically acquiring data and images from identified hosts.
• Detecting and hunting unknown malware across multiple hosts.
• Creating Indicators of Compromise (IOCs) to strengthen incident response.
• Tracking adversary activity via in-depth timeline analysis.
• Identifying lateral movement and pivots within client enterprises.
• Examining traffic using common network protocols.
• Providing technical assessment/audit and guidance to clients on cybersecurity controls.
• Participating in practice-building activities including recruiting and training.

Requirements:

• Strong understanding of computer operating systems, software, and hardware.
• Experience with conducting digital forensic analysis using commercial and open source forensic tools.
• Experience with conducting static/dynamic malware analysis and threat hunting.
• Strong understanding of proper evidence handling procedures and chain of custody.
• Experience with drafting technical and investigative reports.
• Experience with utilizing automation tools and scripts.
• Understanding incident handling procedures.
• Understanding of common attack techniques.
• Digital forensics/incident response training and certifications (e.g., SANS GIAC, IACIS, Magnet MCFE, X-ways X-Pert).

What CRA offers:

• Skills development programs with 100 hours of training annually.
• Comprehensive total rewards program.
• Wellness programming.
• In-house immigration support.