Digital Forensics Specialist

Description

RESPONSIBILITIES/ TASKS

• Maintain inventory, operability, and accountability of assigned company assets
• Assist in testing assigned forensic tools and applications
• Perform forensic imaging of computer and mobile systems and other data collections
• Identify strengths, suggest workflow improvements, and gaps in capabilities of tools and applications
• Work with internal stakeholders to ensure collection requests are performed in a forensically sound and timely manner
• Document and follow Chain of Custody procedures to ensure quality and defensibility of forensic collections
• Review documentation and procedures to help identify areas for thoroughness or improvement
• Assist in forensic analysis of data for investigative purposes
• Engage with other lines of business contacts within Oracle to expand capabilities for collections by establishing trusted and trained employees to serve as virtual team members
• Professionally communicate with other employees and internal customers as needed for data or physical acquisitions
• Ability to communicate effectively, timely, and appropriately while collaborating with a global team
• Perform other duties as assigned

QUALIFICATIONS

Required qualifications

• University degree from an accredited college or university, or equivalent certifications
• 3 years of experience in information security, law enforcement or other related field, and of which at least 1 year is directly related to digital forensics
• Strong technical experience, including multiple operating systems and networking
• Knowledge of industry digital forensics standards and processes.
• Good organizational skills and detail-orientation essential
• Experience with disk encryption solutions including Microsoft Bitlocker, LUKS, FileVault, TrueCrypt, VeraCrypt, McAfee or Symantec Disk Encryption
• Good presentation, written and verbal communication skills
• Self-starter: doesn’t need to be micro-managed
• Problem solving skills and a good understanding of the scientific process
• Excellent team player and collaborator
• Ability to document technical procedures in a user-friendly way
• Ability to transfer technical knowledge and cross-train others
• Knowledge of forensic imaging and analysis of workstations, servers, cloud compute resources, and mobile devices
• Direct experience with and including official training and certification in multiple of the following:
  • BlackLight and MacQuisition
  • Magnet Forensics Axiom
  • OpenText/Guidance EnCase
  • Cellebrite Tools
  • Oxygen Forensics Detective
  • FTK / AccessData Enterprise
• Ability to Travel Internationally approximately 25%
• Approximately 25% office / 75% work-from-home

Career Level - IC4

Responsibilities

Participates in Digital Forensic investigations and focus on internal investigations and security events with a mix of technical, analytical, investigative responsibilities with an internal drive of both finding, proving, and documenting artifacts as well as seeking root cause, options of solutions, and best outcomes.

Will collect digital evidence from various endpoints, devices, systems, environments, and ensure integrity, completeness, and chain of custody while following policy and SOP.

Will analyze various devices, logs, message, email, and activity to uncover knowledge and intent, looking for malicious activity or policy violations.

Will utilize various approved tools and techniques as necessary to accomplish the goal of the investigation.

Will produce detailed, accurate, defensible forensic reports, as well as internal SoPs and project documentation.

Will work closely with incident response teams to investigate and resolve certain security events.

Will develop new methods, and playbooks, as well as sophisticated scripts, applications, and tools, and trains others in their use.
May participate in an incident management team, responding to security events in line with Oracle incident response playbooks.

Investigates purported intrusions and breaches, and oversees root cause analysis.
Evaluates existing and proposed technical architectures, policies, standards, and playbooks for security risk, provides technical advice to support the organization and recommends security controls to mitigate.

Brings advanced-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, and where computer programming/scripting knowledge is required.
Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department.

Qualifications
Disclaimer:

Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.

Range and benefit information provided in this posting are specific to the stated locations only

US: Hiring Range in USD from: $109,200 to $223,400 per annum. May be eligible for bonus and equity.

Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle’s differing products, industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.

Oracle US offers a comprehensive benefits package which includes the following:
1. Medical, dental, and vision insurance, including expert medical opinion
2. Short term disability and long term disability
3. Life insurance and AD&D
4. Supplemental life insurance (Employee/Spouse/Child)
5. Health care and dependent care Flexible Spending Accounts
6. Pre-tax commuter and parking benefits
7. 401(k) Savings and Investment Plan with company match
8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.
9. 11 paid holidays
10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.
11. Paid parental leave
12. Adoption assistance
13. Employee Stock Purchase Plan
14. Financial planning and group legal
15. Voluntary benefits including auto, homeowner and pet insurance

The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.