Principal Digital Forensics Analyst
Corporate
 Rancho Cordova, CA

Position Purpose:

  • Plan and build capabilities to establish and mature the forensics program.
  • Conduct detailed technical analysis of internal systems to find indicators of compromise, identify malicious activity, establish timelines of events, and propose technical fixes.
  • Set strategy and build forensics capabilities to support Centene’s strategic direction.
  • Architect, design and build forensic process and technology. Provide requirements and assist team in building Forensics lab to meet needs of the program.
  • Establish and mature forensic program. Incorporate best in class process and technology from Digital Forensics Incident Response (DFIR) community.
  • Collect, preserve, and analyze digital evidence from electronic data sources, including laptops, desktops, servers, and infrastructure devices.
  • Investigate incidents leveraging common forensics tools to analyze memory, hard drive, malware, and network based artifacts.
  • Conduct detailed technical analysis of internal systems to find indicators of compromise, identify malicious activity, establish timelines of events, and propose technical fixes
  • Prepare and review written technical reports that document case findings and lead the internal development of DFIR policies and procedures.

Education/Experience: Bachelor’s degree in Computer Science, IT, Security, Forensics or related field. 7 years of cyber security, forensics, incident response, or threat hunting experience.

License/Certification: NAC, Certified Ethical Hacker (CEH), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Reverse Engineering Malware (GREM), and Forensics certifications preferred

Desired, subject matter expertise in one or more of the following domains:

  • Windows Client / Servers
  • Unix / Linux
  • Firewalls / ACL
  • Networking / Routing
  • Cloud Computing

Preferred:

  • Creation of Intelligence Reports and Products
  • Data source identification, collection, enrichment and analysis, Endpoint, Network security analysis
  • Creation, research and mitigation of memory corruption vulnerabilities and exploits
  • Malware analysis or Reverse Engineering
  • Splunk (SEIM) experience in custom queries, searches, creating correlated alerts, and dashboard creation
  • Nessus or Nexpose vulnerability scanning, configuration and report generation experience

Preferred Certifications:

  • GIAC Cyber Threat Intelligence (GCTI)
  • Offensive Security Certified Professional
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analysist (GCFA)
  • GIAC Certified Pentester (GPEN)

This position will be supporting a Federal government contract, therefore it requires U. S. citizenship and proof of favorable adjudication following submission of Department of Defense form SF86 or higher security.

Centene is an equal opportunity employer that is committed to diversity, and values the ways in which we are different. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other characteristic protected by applicable law.

Support