Principal Cyber Security Ops Engineer

This position is the backup to the Director of Digital Forensics Investigations functioning in that position during that persons absence. Additionally, but not limited to, this position assists and trains lessor experienced analysts and works with them to complete complex investigations and research. This position is expert in many digital forensics domains such that others within the business unit and other business units collaborate to share this employees knowledge. This position works both independently and as a leader on collaborative teams to accomplish complex projects. This position has oversight on some digital forensics policies and procedures. Along with the Senior Digital Forensics Analyst, this position defines and leads projects in support of digital investigations strategy and processes. This position leads Digital Forensics Analysts and other business units to minimize the impact after forensics investigations has completed technical and forensic evaluation and identified gaps and potential for improved business processes. This position may be required to prepare documents for and testify in court. Qualifications Bachelor of Science degree with major in computer science/electrical engineering, engineering, science, a related field or commensurate experience. Graduate degree in a relevant subject. Eight or more years of experience in investigations and/or computer forensics. Some technical, IT, and/or incident response experience may be considered. Outstanding collaboration, strong influencing, problem-solving and negotiation skills. Proven strategic thinking skills to solve complex enterprise and business challenges. High level of emotional intelligence and confidence. Demonstrated group and project leadership skills. Experience leading computer forensics investigations. Experience in leading other investigations (HR, Legal, compliance, regulator requests, etc.). Communication proficiency, oral and written. Ability to clearly document investigative and research findings. Ability to coordinate efforts among legal, human resources, corporate compliance, law enforcement, and outside information investigative and security handling agencies. A productive team player. Problem solving/analysis. Experience in memory forensics. Experience in mobile device forensics. Collect and preserve evidence following industry best practices and established procedures. Experience evaluating OS logs, application logs, firewall, IPS, sand boxing, host security, network devices, vulnerability management, DLP, network forensics, etc. in investigations. Participate in on-call rotation as necessary. Experience investigating account take over and other attacks against web-based services a plus. Ability to interact with executives in a professional manner regarding sensitive investigations. Ability to present findings both orally and in writing to C-Staff, other internal, and/or external stakeholders as required. The ability to react quickly and efficiently under pressure. The ability to work well independently and/or with a team. The ability to work collaboratively. Great at team building. Ability to convey knowledge to other team members. Experience conducting forensics on Windows, Mac and Linux based computers. Continually learn new technology and best practices for digital forensics investigations. Use investigation findings to recommend business process improvements (identify gaps). Lead the forensic investigation efforts and the postmortem sessions for digital forensics investigations, as needed. Thorough work ethic, attention to detail. Skills of perception and QA, ability to identify vulnerabilities and overall issues. Critical thinking skills. Understanding of how systems get infected and common malware behavior. A problem-solving mind-set. Forensic approach to challenges. Desire to self-educate and stay current in digital forensics processes. Ability to disassemble, reassemble, test, and examine all manner of computers and computer and network components. Certifications (some, but not all). Certified Information Systems Security Professional (CISSP) Certified Forensic Computer Examiner (CFCE) GIAC Certified Incident Handler (GCIH) GIAC Certified Enterprise Defender (GCED) CompTIA Advanced Security Practitioner (CASP) GIAC Security Expert (GSE) Certified Ethical Hacker or Computer Security Incident Handler (CSIH) GIAC Certified Forensic Analyst (GCFA) GIAC Advanced Network Forensics (GNFA) GIAC Intrusion Detection (GCIA) GIAC Security Essentials (GSEC) Project Management Professional Certification (PMP) Systems Security Certified Practitioner (SSCP) CompTIA (A+) CompTIA (Security+) EnCase Certified Examiner (EnCE) Access Data Certified Examiner (ACE) Primary Location : Santa Clara Travel: 5%