Lead Digital Forensics Investigator

Posted:
9/18/2024, 6:46:34 AM

Location(s):
Florida, United States ⋅ Orlando, Florida, United States

Experience Level(s):
Senior

Field(s):
IT & Security

Business Card Title: Lead Digital Forensics Investigator

Internal Position Title: Cyber Security Investigator Analyst IV

Generic Position Summary
As a member of the professional staff, contributes general knowledge and skill in a discipline area (e.g. Accounting, Finance, Human Resources, Information Resources, Operations Planning & Support, Sales & Marketing) to support team and/or department objectives.
Generally, works under limited supervision, but within established guidelines, producing and analyzing more complex business information to assist in the decision-making process.
Specific Job Summary
The Digital Forensics Analyst IV role conducts security investigations, supports live incident response activities, and performs forensic data collection and analysis. This role is responsible for collecting and analyzing electronically stored information, supporting various types of IT investigative work. It also works with third-party forensic services when they are retained, assisting their work and acting as liaison between MVW and the forensic partner.
This role works closely with the Law and HR departments to support internal investigations. Due to the inherent volatility of investigative response work, the candidate will be expected to manage a variable caseload and work off hours on an as-needed basis.

Results
    Security incidents are detected quickly and mitigated before MVW suffers material impact.
    Timely completion of internal data requests to Law and HR.
    Shorter time for security investigations.
    Work products are viable for internal Company and external/legal use.
    Confidentiality of investigations is assured.
Working Relationships
    IT Engineering
    Law department
    HR department
    Cyber Security Operations
    IT Operations
    Data Breach Response Team

Generic Expected Contributions
    Performs more complex quantitative and qualitative analysis for business processes and/or projects. Often manages small projects, business processes or parts of larger ones.
    Responds to, solves and makes decisions on more complex/non-routine business requests with limited to moderate risk.
 
Specific Expected Contributions
    Support security incident response processes, directing and performing investigations during and after security events take place.
    Coordinate third party forensic support resources brought on to assist in security investigations.
    Produces detailed report of security events and incidents.
    Identified root causes, documents lessons learned, and drives improvement through tracking remediation plans.
    Performs non-security related internal IT investigations such as data access requests for business partners (HR, Law departments, etc.).
    Support litigation hold and eDiscovery processes in conjunction with Law department.

Generic Candidate Profile
Successful candidates should possess knowledge and experience and demonstrate strong leadership and relationship skills as follows:
    Generally, a professional position with specific knowledge in a discipline (e.g., Accounting, Human Resources, Information Resources).
    College degree and/or relevant experience typically required.
Specific Candidate Profile
Education
•    Bachelor’s degree in IT field preferred, or related field or equivalent work experience.
•    Advanced technical certification in digital forensics or investigations is required. Examples include CTIA, CCTHP, GCIH, and CEHs.

Related Work Experience
    Six to eight years of progressive experience in relevant Information Security position.
    Experience in electronic crimes law enforcement, military intelligence, or with a security professional services organization preferred.
Skills and Attributes
    Highly skilled in the tools, techniques, and methodologies surrounding incident response and computer forensics.
    Knowledge and experience with all major operating systems, computer networking, and cloud computing platforms.
    Experience conducting security assessments, penetration testing, and ethical hacking.
    Expertise in malware analysis and reverse engineering, network forensics, memory forensics and mobile device forensics.
    Understanding of evidentiary procedures for data collections.
    Comfort with volatile criminal/civil situations
    Ability to manage the day-to-day aspects of protected customer relationships.
    Ability to manage simultaneous high priority IT investigative cases and security incidents. Willingness to work nights, weekends, and holidays and travel on short notice when necessary.
 

Marriott Vacations Worldwide is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture.