The job below is no longer available.

Hours: Full-time, Part-time
Location: Plymouth, MN

About this job

The Lead Forensic Investigator reports to, and provides intelligence operational support to, the Cyber Forensic Investigations Director. The candidate will lead our forensic investigations unit. This will include the development of an evidence intake process. Ensuring proper chain of custody is a critical component of any forensic lab and will be key to the success of this position. Maintaining and updating these procedures will be an ongoing task. An insider threat program is being developed and the Lead Cyber Forensic Investigator will be our lead representative on the program team. Our team interfaces with Corporate Security on a frequent basis and this role will be our lead representative to that team. Any investigative needs that Corporate Security requires from us will be handled by the Lead Cyber Forensic Investigator.

Additional responsibilities will include leading the forensic investigations for the highest priority cases. These will include APT, focused operations, hacktivism, and many others. The investigator will be expected to stay abreast of adversary tactics and new forensic analysis techniques, and to interface with our UHG teams. The lead investigator will be a technical and thought leader in the group, and will contribute to the implementation of new technologies for the forensic acquisition of evidence within the UnitedHealth Group infrastructure. They will also be expected to assist with the implementation of technologies and processes to examine devices within our acquired entity space.

Other responsibilities will include the following:



Lead insider threat investigations

Build and maintain forensic lab

Define processes for the intake and proper handling of evidence (including documenting processes and refining existing ones)

Incident response during focused operations and other major attacks

Continuously evaluate current operations, identify gaps or problem areas, and innovate new solutions to address areas of improvement or expansion

Stay abreast of adversary tactics, techniques and procedures (TTPs), intelligence reporting and UHG business strategy to enable the practical application of intelligence to information security

Utilize memory analysis tools, such as Volatility and Redline, to analyze memory images of compromised hosts

Perform static and dynamic malware analysis using tools such as disassemblers, debuggers, and sandboxes

Extract IOCs from investigations to share with other groups within the Cyber Defense Operations (CDO) group

Collaborate with the other Investigative Services teams to produce expert level analysis of advanced attacks

Assist the SOC and other Investigative Services teams with investigations by utilizing your knowledge of SIEM platforms 

Maintain oversight and provide feedback regarding daily operations and investigations.

Primary interface between Cyber Forensics team and Corporate Security

Requirements

 


5+ years of computer/cyber/digital forensic experience

Demonstrated experience with digital forensic analysis tools

5+ years of information security experience in a large, highly-regulated enterprise

Operational incident response experience

Direct experience with current advanced persistent threats (APT) and/or malware engineering

Demonstrated ability to be creative and autonomous

Basic project management skills and detail orientation

Understanding of the technology risks that are inherent to a business and an ability to effectively communicate those risks

Undergraduate degree or equivalent experience
 
 
Preferred skills/experiences:



Experience using 1 or more of the following tools: NetWitness, FireEye, EnCase (Enterprise and Cybersecurity) and/or ArcSight

Experience with memory analysis tools, such as Volatility and Redline (to analyze memory images of compromised hosts)

Experience with static and/or dynamic malware analysis using tools such as disassemblers, debuggers, and sandboxes

NAC clearance

Industry certifications including any of the following: EnCE, CCFP, ACE, GCFA and/or GCIH

UnitedHealth Group experience

 
Technology Careers with Optum. Information and technology have amazing power to transform the health care industry and improve people's lives. This is where it's happening. This is where you'll help solve the problems that have never been solved. We're freeing information so it can be used safely and securely wherever it's needed. We're creating the very best ideas that can most easily be put into action to help our clients improve the quality of care and lower costs for millions. This is where the best and the brightest work together to make positive change a reality. This is the place to do your life's best work.
 
 
Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.
UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.