Information Security Forensic Analyst – REMOTE

Job Expired


Job Seekers can review the Job Applicant Privacy Policy by clicking HERE.

 

You are the driving force behind our company.

Start your career with Ryder today!

Summary
The Information Security Forensic Analyst is responsible for a broad range of duties, with a primary emphasis on supporting the SOC's 24/7 incident response by providing host and network forensic analysis. The main functions of this role are supporting personnel investigations and remediation of security incidents. The analyst will work closely with the Security incident response teams, the Security Operations Center manager, the threat team, the legal team, members of the other security teams, and other internal organizations to successfully lead the remediation and closure activities related to security incidents or potential threats to the company. The Forensic Analyst will leverage security technologies and industry best practices to manage information security incidents, investigations, and related events across the distributed enterprise.

***REMOTE WORK FROM HOME***

Essential Functions

  • Plans, coordinates, and directs the inventory, examination, and comprehensive technical analysis of computer-related evidence.
  • Distills analytic findings into executive summaries and in-depth technical reports.
  • Serves as a technical forensic liaison to stakeholders and explains investigation details, including forensic methodologies and protocols.
  • Tracks and documents on-site incident response activities and provides updates to leadership throughout the engagement.
  • Acquire/collect computer artifacts (e.g., malware, user activity, link files) in support of onsite engagements.
  • Correlate forensic findings to network events in support of developing an intrusion narrative.
  • Conduct analysis of forensic images and available evidence in support of forensic write-ups for inclusion in reports and written products.
  • Track and document forensic analysis from initial participation through resolution.
  • Perform forensic triage of an incident to include determining scope, urgency and potential impact.

Additional Responsibilities

  • Assists with leading and coordinating forensic preliminary investigations.
  • Evaluates, extracts, and analyzes suspected malicious code.
  • Triages electronic devices and assesses evidentiary value.
  • Be readily available to participate in collaborative threat analysis meetings with internal and external trusted entities.
  • Performs other duties as assigned.

Skills and Abilities

  • Ability to create forensically sound duplicates of evidence (Forensic images)
  • Ability to author cyber investigative reports documenting forensic findings
  • Skilled in identifying different classes of attacks and attack stages
  • Proficiency with proper evidence handling procedures and chain of custody protocols
  • Proficiency with analysis and characterization of cyber-attacks
  • Action-oriented, with a proactive approach to problem solving
  • Ability to manage multiple priorities and work effectively in a fast paced, high volume, results driven environment
  • Ability to investigate complex scenarios and solve problems
  • Understanding of System and Application security threats and vulnerabilities (advanced, required)
  • Understanding of proactive analysis of systems and networks, to include creating trust levels of critical resources (advanced, required)
  • Proficiency with common operating systems (e.g., Linux/Unix, Windows) (advanced, required)
  • Experience with several industry standard forensic and digital analysis tools (advanced, required)
  • Knowledge of web application, infrastructure, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development (intermediate, required)
  • Knowledge of Information Security components, principles, practices, and procedures (intermediate, preferred)

Qualifications

  • Bachelor’s degree required: information assurance, computer science, engineering or related technical field.
  • Master’s degree preferred: advanced technical degree (information assurance, computer science, engineering).
  • Three (3) years or more related security systems administration with endpoint, network, application and host-based security solutions (required)
  • Three (3) years or more cybersecurity risk management and/or IT experience (required)
  • Two (2) years or more Cloud computing (e.g., Amazon Web Services, Google Cloud Platform or Microsoft Azure) security configuration and management experience (preferred)
  • Understanding of System and Application security threats and vulnerabilities (advanced, required)
  • Understanding of proactive analysis of systems and networks, to include creating trust levels of critical resources (advanced, required)
  • Proficiency with common operating systems (e.g., Linux/Unix, Windows) (advanced, required)
  • Experience with several industry standard forensic and digital analysis tools (advanced, required)
  • Knowledge of web application, infrastructure, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development (intermediate, required)
  • Knowledge of Information Security components, principles, practices, and procedures (intermediate, preferred)
  • Information Risk, Privacy, or Security Certification (CISSP, CCSK, CCSP, PCSM)

Travel
1-10%

DOT Regulated
No

Job Category

Information Security

Ryder is proud to be an Equal Opportunity Employer and Drug Free workplace. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability.


Job ID : R47750
