Consulting Associate/Cybersecurity & Incident Response (Forensic Services practice)

Job Description

Charles River Associates (CRA) is seeking a Consulting Associate to join its Forensic Services practice in Toronto. The role involves assisting companies in responding to allegations of fraud, waste, abuse, misconduct, and non-compliance. The Consulting Associate will work with cross-trained teams of forensic professionals to provide accounting and forensic services, as well as cybercrime investigation services.

The ideal candidate will have 3-5 years of experience in Computer Science, Digital Forensics, Information Security, and/or Information Systems, with a strong understanding of cybersecurity concepts and exceptional communication skills. They should be able to use data to solve client problems, work collaboratively, and manage their time effectively.

Responsibilities:

• Executing security and privacy investigations for CRA clients
• Providing expert digital forensic support for counsel and clients
• Assisting in the drafting of forensic reports and affidavits
• Engaging in problem-solving and forensic analysis of digital information
• Presenting tactical and strategic intelligence about threat groups
• Creating custom analytic products based on intelligence sources and research
• Performing technical analysis on malicious artifacts
• Identifying, researching, and organizing information for effective data analysis
• Programming, model building, and database administration
• Ensuring reliability of analysis through quality control measures
• Forensically acquiring data and images from identified hosts
• Detecting and hunting unknown malware across multiple hosts
• Creating Indicators of Compromise (IOCs)
• Tracking adversary activity via in-depth timeline analysis
• Identifying lateral movement and pivots within client enterprises
• Examining traffic using common network protocols
• Providing technical assessment/audit and guidance to clients on cybersecurity controls
• Participating in practice-building activities

Requirements:

• 3-5 years of experience in cyber intrusion investigation or incident response analysis
• Strong understanding of computer operating systems, software and hardware
• Ability to conduct detailed forensic investigations and analysis
• Experience with digital forensic analysis tools
• Experience with static/dynamic malware analysis and threat hunting
• Strong understanding of proper evidence handling procedures
• Experience with drafting technical and investigative reports
• Experience with utilizing automation tools and scripts
• Understanding incident handling procedures
• Understanding of common attack techniques
• Experience with vulnerability management, penetration testing, scripting, programming, reverse engineering
• Exposure to a variety of malware families
• Proficiency with Threat Intelligence Platforms and analyst software tools
• Digital forensics/incident response training and certifications

CRA offers:

• Skills development programs with 100 hours of training annually
• Career mentoring and performance coaching
• Comprehensive total rewards program including a superior benefits package
• Wellness programming
• In-house immigration support
• Work location flexibility with 3-4 days a week in the office