Digital Forensics Examiner II
A Digital Forensics Examiner II performs moderately complex analyses of digital information to identify internal and external threats and performs investigations pertaining to computer fraud or other cybercrimes, as well as collecting, processing, and producing electronic information for internal investigations and litigation. The individual prepares comprehensive reports for senior management and internal/external legal counsel and may serve as an expert witness, as necessary.
- Conduct moderately complex digital forensic analysis, examination and electronic discovery of electronic evidence across multiple platforms and architectures, including computer-related equipment, smart devices, optical media, network devices and information systems.
- Work closely with colleagues in other IT teams, internal legal counsel and other investigating entities to maintain digital forensics and electronic discovery infrastructure and programs in accordance with established organizational policies and procedures.
- Administer, maintain and use litigation support software for providing data for review and production. Collect, preserve, label and store evidence in accordance with department procedures and the Electronic Discovery Reference Model best practices.
- Work with investigating entities, internal and external legal counsel and law enforcement, participating in investigative and legal interviews, to ensure accurate and complete understanding of allegations and needs of investigations; properly document all phases of the investigation, ensuring adequate chain of custody; prepare comprehensive reports of any resulting findings; may serve as a subject matter expert and/or expert witness as necessary.
- Monitor Data Leakage Prevention (DLP) software, investigate alerts and report actionable alerts, which include verified Personally Identifiable Information (PII), to the University compliance team.
- Mentor less experienced digital forensic examiners regarding techniques, processes, and procedures; recommend updates to existing processes based on observations.
- Collaborate in Incident response activities within the Information Security Operations Center (ISOC) by leveraging strong technical investigative techniques; may recommend future controls to mitigate reoccurrences.
- Perform other duties as assigned or apparent.
• Bachelor’s Degree and four (4) years of forensics work experience combined and progressively complex systems analysis experience; OR
• Associate’s Degree and eight (8) years of forensics work experience and progressively complex systems analysis experience
• One or more recognized digital forensics certification(s) (e.g., EnCE, CCE)
• Must be fluent with digital forensics and eDiscovery techniques and industry standard software such as: Relativity, EnCase, Forensics Tool Kit and legal review and production tools
• Must have experience in Federal Rules of Civil Procedure
• Fluency in computer operating systems, hardware and software, as well as fluency in LAN, WAN, and server technologies, and with celluar and smart devices
• Familiarity with databases, database programming, programming languages and application programming.
• Strong oral and written communication skills to effectively interact with internal and external customers, legal counsel and law enforcement, and department staff
• Ability to prioritize and perform multiple tasks simultaneously