Principal/Cybersecurity & Incident Response (Forensic Services practice)

About Charles River Associates

CRA is a leading global consulting firm that provides independent economic and financial analysis behind litigation matters, guides businesses through critical strategy and operational issues to become more profitable, and advises governments on the economic impact of policies and regulations.

Our two main services economic and management consulting are delivered by practice groups that focus on specific areas of expertise or industries.

Click here to learn how CRA can help you your career.

Position Overview

CRA’s practice supports companies’ commitment to integrity by assisting them and their counsel in independently responding to allegations of fraud, waste, abuse, misconduct, and non-compliance.

We are noted for deploying cross-trained teams of forensic professionals to assist our clients in gaining deeper insights and greater value more quickly.

We provide accounting and forensic services as well as cybercrime investigation services.

As an experienced leader in the forensic & cyber investigations space, your responsibilities as a Principal may include (but are not limited to) :

• Leading security and privacy investigations for CRA clients, in preparation of, and in response to, data security matters, which may include ongoing breach detection, threat analysis, incident response and malware analysis;
• Performing forensic analysis of digital information using standard computer forensics and evidence handling techniques and computer forensics tools;
• Serving as primary point of contact for clients with regard to all incident response activities including malicious code, unauthorized access, and inappropriate usage;
• Supervising project team execution by leading quality assurance efforts and overseeing work product;
• Improving the ability of the incident response team to react to incidents by evaluating and implementing new tools and processes;
• Maintaining effective relationships with local, state and federal law enforcement agencies to assist in criminal matters;
• Creating, leading, and maintaining leveraged team environment that is positioned for continued success and expansion by actively recruiting and retaining employees, and managing team morale;
• Participating in and leading business development efforts by building relationships with current and potential clients, drafting and presenting proposals, participating in pitches, and demonstrating firm capabilities to potential clients;
• Providing technical assessment / audit and guidance to clients on the adequacy of cyber security controls in accordance with cybersecurity frameworks that are included in one or more of the following - NIST CSF 2.
• 0, HIPAA, ISO 27001 and 27002, SOC2, NERC-CIP;
• Assist with team recruiting and training efforts as needed.

Desired Qualifications

• Must hold a Bachelor’s or Master’s degree in a related field.
• 10+ years’ experience in cyber intrusion investigation, digital forensics or incident response analysis.
• Ability to effectively lead teams, prioritize multiple projects and meet timely deadlines.
• Experience in a hands-on technical role functioning as an incident responder, network forensic analyst or malware analyst.
• Experience leading data analytics engagements and managing the execution of technology-based best practices.
• Working knowledge of computer hardware components, operating systems, file systems, computer networks, e-mail systems, mobile devices, IT security or incident response.
• Deep knowledge of networking (TCP / IP, design, traffic flow, protocols, sessions), operating systems (Windows / *nix) and web technologies.
• Willing and able to travel for client projects.
30+ days ago