Job Description

Consulting Associate/Cybersecurity & Incident Response

Boston, MA, United States; Chicago, IL, United States; Dallas, TX, United States; Houston, TX, United States; Washington, DC, United States

About Charles River Associates

CRA is a leading global consulting firm that provides independent economic and financial analysis behind litigation matters, guides businesses through critical strategy and operational issues to become more profitable, and advises governments on the economic impact of policies and regulations. Our two main services economic and management consulting are delivered by practice groups that focus on specific areas of expertise or industries.

Position Overview

CRAs Forensic Services practice supports companies commitment to integrity by assisting them and their counsel in independently responding to allegations of fraud, waste, abuse, misconduct, and noncompliance. We deploy crosstrained teams of forensic professionals to assist clients in gaining deeper insights and greater value more quickly, providing accounting and forensic services as well as cybercrime investigation services.

We are looking for curious, analytical, highly motivated candidates with 35 years of experience who have majored in Computer Science, Digital Forensics, Information Security, and/or Information Systems. We value knowledge of cybersecurity concepts, research experience, quantitative ability, exceptional written and oral communication skills, and a high level of initiative. Consulting Associates use data to solve client problems, work collaboratively with a team, manage their time effectively, prioritize tasks, and take pride and ownership in their work.

Responsibilities

• Execute security and privacy investigations for CRA clients, in preparation of, and in response to, data security matters, including breach detection, threat analysis, incident response, and malware analysis.
• Provide expert digital forensic support for counsel and clients in support of data security incidents such as data breaches or fraud.
• Assist in drafting forensic reports and affidavits and testifying as an expert in digital forensics and incident response.
• Engage in problemsolving and forensic analysis of digital information using standard evidence handling techniques and computer forensics tools.
• Identify, research, and organize information to assess the appropriateness and sufficiency of available data to facilitate effective data access and analysis.
• Develop familiarity with threat intelligence, logging data, and other contextual clues relevant to analysis.
• Recognize relationships among multiple sources and types of information to facilitate effective data analysis.
• Program, model build, and administer databases using Python, TSQL, VBA, Excel, C#, and other tools.
• Implement quality control measures and documentation to ensure reliability of analysis and risk management.
• Forensically acquire data and images from identified hosts, locate evidence of compromise, and determine impact from disk, file, memory, and log analysis.
• Identify artifact and evidence locations to answer critical questions, including execution, file access, data theft, antiforensics, and system usage by an adversary.
• Detect and hunt unknown live, dormant, and custom malware across multiple hosts in an enterprise environment.
• Create indicators of compromise (IOCs) to strengthen incident response and threat intelligence efforts.
• Track adversary activity secondbysecond on a host via indepth timeline analysis.
• Determine the type of malware used in an attack, choosing appropriate defenses and response tactics for each.
• Identify lateral movement and pivots within client enterprises, showing how an adversary transitions from system to system without detection.
• Use physical memory analysis tools to determine an adversarys activities on a host and other hosts used as pivot points across the network.
• Examine traffic using common network protocols to identify patterns of activity or specific actions that warrant further investigation.
• Identify and track malware beaconing outbound to its command and control (C2) channel via memory forensics, registry analysis, and network connections.
• Provide technical assessment, audit, and guidance to clients on the adequacy of cyber security controls in accordance with NIST CSF 2.0, HIPAA, ISO 27001/27002, SOC2, and NERCCIP.
• Participate in practicebuilding activities including recruiting and training.

Desired Qualifications

• Strong understanding of computer operating systems, software, and hardware.
• Experience conducting detailed forensic investigations and analysis of computers, networks, mobile devices, and removable media.
• Proficiency with commercial and open source forensic tools for file system, memory, and network analysis.
• Experience with static/dynamic malware analysis in a lab environment and threat hunting in a live environment.
• Competitive experience in collegiate computer security competitions.
• Solid evidence handling and chain of custody procedures.
• Ability to draft technical and investigative reports and communicate findings.
• Automation scripting skills to expedite analysis.
• Knowledge of incident response procedures: preparation, identification, containment, eradication, and recovery.
• Understanding of common attack techniques and how to counteract them.
• Certifications such as SANS GIAC (GCFA, GCFE, GNFA, GIME), IACIS (CFCE or CIFR), Magnet MCFE, XWays XPert, or similar.

To Apply

• Resume include current address, personal email, and telephone number.
• Cover letter describe your interest in CRA and how this role matches your goals.

Career Growth and Benefits

• CRAs robust skills development programs include 100 hours of training annually through formal and informal programs, mentoring, performance coaching, and leadership opportunities.
• Comprehensive total rewards program including a superior benefits package, wellness programming, and inhouse immigration support for foreign nationals.

Work Location Flexibility

CRA expects individuals to work 34 days per week in the office, with travel to client meetings and possibly to other CRA offices as needed. Remote work is permitted at periodic intervals as coordinated with the practice or team.

Our Commitment to Equal Employment Opportunity

Charles River Associates is an equal opportunity employer (EOE). All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, status as a protected veteran, or any other protected characteristic under applicable law.

Compensation

A goodfaith estimate of the annual base salary range for this position is $100,000 $126,500; additional bonus incentive compensation may be eligible.

Benefits Package

Benefits include medical, dental, vision insurance, 401(k) retirement plan with employer match, life and disability insurance, paid time off, paid parental leave, wellness programs, employee assistance resources, and commuter benefits.

Job Tags

Similar Jobs