Job posting has expired
Principal Forensic & Incident Response Architect | Full Time
United States, Michigan, Detroit
GENERAL SUMMARY:
Working within the Information Privacy and Security Office, the Principal Forensic and Incident Response Architect works closely with all IT departments to detect, analyze, contain, and mitigate computer security incidents. This position is expected to lead and participate in incident response activities including, but not limited to, computer forensic investigations, live response and triage, and electronic discovery. The Principal Forensic and Incident Response Architect will also perform proactive activities including, but not limited to, threat hunting, detection engineering, and tabletop exercises. The Principal Analyst will serve as an escalation point for cyber security incidents and provide oversight of cyber security investigations. The Principal Forensic and Incident Response Architect will report to the Director of Incident Response. This position will work collaboratively with IT and business units to ensure that cyber security incidents are handled appropriately and their impact is mitigated.

PRINCIPAL DUTIES AND RESPONSIBILITIES:
This position responds to and investigates cybersecurity incidents using cutting-edge incident response and digital forensic techniques and tools. Performs forensic analysis involving on-premises computer systems and cloud environments. This position will assist in the recovery of potentially lost or compromised data. When investigating computer security incidents, the person in this role collects, preserves, and analyzes digital evidence. In addition, the Principal Forensic and Incident Response Architect documents and reports on findings and recommends next steps. This position will evaluate the organization's digital forensics and threat detection tools to identify gaps in monitoring and procedures around the respective tools. This position works on advanced, complex, technical projects or business issues requiring state-of-the-art technical or industry knowledge.
The role will also provide a continuous feedback loop to both security architecture and Security Operations Center (SOC) staff to continuously improve the organization's incident detection and response capabilities.
EDUCATION/EXPERIENCE REQUIRED:
CERTIFICATIONS/LICENSURES PREFERRED:
Additional Information