Website Royal Caribbean
The Senior Cyber Investigator role combines the responder, computer forensics, threat analysis, behavioral & analytics functions to become a technology subject matter expert. This role will consult with RCL business groups, external researchers, local, Federal and international law enforcement. Within the RCL Incident Management Program the senior investigator will perform cyber investigations for the RCL enterprise including those relating to external hackers, insider abuse and fraud. The Investigator will assist with developing and deploying the enterprise incident response and threat analysis program and supporting documentation, participating in operational analysis, and leading investigations of actual or potential cyber incidents. The role requires the first responder to be proactive and a highly technical subject matter expert in security, technologies, threat analysis and indicators of compromise.
The Investigator will coordinate their efforts with Information Security (IS) senior and executive leadership as well as key personnel within Information Technology (IT), Legal, Crisis Management, Compliance and Ethics, Human Resources, Global Security, Internal Audit, Privacy and Global Business Management. This collaboration helps ensure the Cyber Threat program is evaluating and managing threats in all external information sharing relationships. The Investigator needs to understand forensic tools, develop SIEM queries and dashboards, develop and implement analytical models, review threat intelligence data, and understand and work with SOAR technologies. The role requires sound judgment with a high level of integrity and ethics, and the ability to deal with stressful situations calmly, diplomatically and effectively.
- Follows applicable laws and regulations, standards and policies to conduct computer forensics procedures and investigation practices.
- Collects and analyzes information data (system logs, network traffic activity, encrypted or erased data, etc.) of IT systems, networks, hardware/software and suspected devices.
- Works with the basic functions of digital forensics tools.
- Monitors forensics procedures and adjusts digital forensics tools accordingly.
- Installs, upgrades or maintains firewall technology or anti-virus software.
- Explains computer forensics, authentication mechanisms and digital certificates.
- Participates in evaluating information security features against business requirements.
- Utilizes a specific hardware or software security technology to control risks.
- Collects and documents information about new information security tools.
- Explains forensics results from a business development perspective.
- Compares the uses and benefits of diverse digital forensics tools.
- Selects a digital forensics tool for a specific case while minimizing risk.
- Prepares incident investigation reports and computer forensics documents for subsequent processing.
- Uses techniques and tool sets (e.g. Encase, X-Ways, FTK, SIFT) to detect and track electronic data trails and digital evidence of information security incidents.
- Works with computer forensics measures to detect information security incidents, such as cybercrimes, hacking, intrusions, and frauds.
- Bachelor’s degree or equivalent experience
- Certified CISSP and/or GCFA, GCIH, GIAC…
- Required: 4 – 8 combined years of experience in IT, Information Security, Cyber Response, Maritime Cyber Security, or Threat Intelligence
- Preferred: 4 – 8 combined years of forensic investigation, incident response, and cyber intelligence operations
- Preferred: 4 – 8 years of progressive leadership experience
- Previous experience at the NSA, DoD, NOAA Emergency Operation Center, Maritime Security Operations or as a Military Threat Operations team member, or Cyber Crime investigator required
- Must have strong verbal and written communication skills; interpersonal collaborative skills; and the ability to communicate IS and risk-related concepts to technical and non-technical audiences
- Must have a strong understanding of TCP/IP networks and associated tools
- Must have a solid understanding of Apple, Linux and Windows operating systems
- Assist with the management of and enhancements to the forensics and malware analysis lab
- Assist with the management of and enhancements to procedures/runbooks, including employee investigations, network forensics, incident response forensics, privacy, fraud and external cyber investigations
- Must be intelligent, articulate, and consensus-building, and be able to serve as an effective member of the team
Company: Royal Caribbean
Vacancy Type: Full Time
Job Location: Portland, OR, US
Application Deadline: N/A