Postings

Digital Forensics and Incident Response Director

July 30, 2019

Interested in applying for this position?

Email us at forensics@gillware.com with your cover letter and resume.

Position Summary

As part of our digital forensics and incident response team, this role will lead investigatory and incident response efforts alongside other members of the team. In the fast-paced cyber industry, this position requires a willingness to travel (up to 20%) and strong, well-developed analytic, qualitative, and quantitative reasoning skills and demonstrated creative problem-solving abilities. The right candidate will be obsessed with accuracy but still able to get relevant results to clients ahead of schedule; be able to triage multiple cases; function in a highly confidential environment; and be able to explain highly technical findings to non-technical executives.

Desired Characteristics:

  • Confidence and strong experience responding to data breaches
  • Counsel clients in distress and provide containment / remediation guidance.
  • Form and articulate expert opinions based on analysis to then produce high-quality oral and written correspondence and reporting, presenting complex technical matters clearly and concisely.
  • Support the mentorship and technical development of junior staff.
  • Create strategic and efficient processes for common investigations and deliverables.
  • Investigate network intrusions and other cybersecurity incidents to determine root cause and the extent of the incident. Includes ability to perform host-based and network-based analysis across all major operating systems and network device platforms.
  • Preserve, harvest and analyze data from electronic data sources, including laptop and desktop computers, servers, and mobile devices.
  • Develop and refine policies and procedures for forensic and malware analyses.
  • Research, develop, and recommend hardware and software needed for incident response and help develop and maintain policies and procedures to analyze digital evidence.
  • Collaborate with the cyber risk management team in technical meetings and working groups to address issues related to cybersecurity and incident preparedness and ability to create targeted remediation plans for clients who have been compromised.
  • Experience working directly with C-suite professionals, senior attorneys, and government regulators
  • Someone highly responsive to customer needs and deadlines, and with no compromise in work quality.

Basic Qualifications:

  • 5-7 years’ professional experience in network and/or cyber investigations, incident response or forensics
  • Experience in a professional services firm handling law firm clients
  • Lead the case management efforts from scoping calls to report delivery.
  • Liaise with external counsel and partners
  • Ability to manage multiple projects and train/mentor staff
  • Relevant industry certifications are a plus: GIAC Certified Incident Handler (GCIH); GIAC Certified Intrusion Analyst (GCIA); GIAC Reverse Engineering Malware (GREM); GIAC Certified Forensic Analyst (GCFA); GIAC Certified Forensic Examiner (GCFE); Encase Certified Examiner (EnCE)
  • Experience with forensic processes and procedures (chain of custody, computer acquisition techniques, and memory acquisition techniques)
  • Advanced working knowledge of forensic tools (e.g. Axiom, Encase, FTK, BlackLight)
  • Experience with Unix, Linux, Mac, and Windows systems, and an admin level understanding of networking, firewalls, and the various protocols involved in data sharing and communications (e.g. how protocols work, their common ports, and common usage)
  • Working knowledge of current data collection, storage, and chain of custody best practices
  • Excellent reporting skills (both written and verbal)
  • Experience presenting findings and recommendations to C-level executives, law enforcement, and outside counsel
  • Knowledge of common malware persistence mechanisms
  • Experience identifying and triaging malware
  • Ability to support business development efforts
  • Strategic mindset but also detail-oriented and hands-on; ability to lead high-level discussions on DFIR technology strategy and approach both internally and externally
  • Ability to manage clients, lead meetings, and manage multiple project teams concurrently
  • Ability to quickly develop and maintain rapport with clients
  • Demonstrated ability to cross-sell or upsell existing clients and generate new business
  • Experience managing complex budgets
  • Ability to allocate staff to various projects quickly and efficiently
  • Willingness to travel as required (up to 20%) to support leadership, customer briefings, planning and other activity as needed
  • Experience working on Business Email Compromise and Ransomware incidents.
  • Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure.
  • Experience with conducting log analysis of Windows Event Logs, Apache, IIS, packet capture systems, and firewall logs.
  • Experience with command line tools (grep, sed, awk, powershell), python, and other programming languages.
  • Familiarity with computer system hardware and software installation and troubleshooting.

Perks:

  • Collaborative, hard-working, energetic team culture
  • Excellent benefits – Vision, Medical, and Dental
  • 401K with company match
  • Unlimited PTO/time off policy
  • Bonuses for stellar performance

About Gillware

Gillware provides incident response, digital forensics, cybersecurity, and data recovery services to legal and insurance professionals, corporate IT, in-house security teams, law enforcement, and everything in between. Founded in 2003, Gillware supports a global network of partners and clients from its offices in Madison and Milwaukee, WI. Gillware’s digital forensics operation is led by Cindy Murphy, a leading forensics investigator and educator with over two decades of professional experience in the field. Gillware’s team of computer scientists, researchers and investigators leverages years of experience and state-of-the-art tools to deliver unparalleled results in the most challenging cyber security, digital forensics and disaster recovery scenarios.

IT Specialist

July 30, 2019

Interested in applying for this position?

Email us at forensics@gillware.com with your cover letter and resume.

Position Summary

Gillware’s data breach and incident response team is a group of talented and experienced digital forensic investigators and IT professionals that is called upon to help our clients respond to and recover from cyberattacks.  As a member of Gillware’s team you will be sent onsite, or provide remote support, during and in the immediate aftermath of a cyberattack.  During the restoration process you will work side-by-side with Gillware’s investigators to collect digital artifacts, restore systems, reconfigure domain controllers and firewalls, troubleshoot network issues, and provide any other IT related tasks necessary to restore the client’s business operations.  Candidates for this role exhibit calmness under pressure, have excellent communication skills, and have a strong desire to help individuals in need.  Ability to travel up to 75% is required.

Requirements:

  • Extensive experience with Office 365 and G-suite administration
  • Active Directory/Exchange administration
  • Solid understanding of Linux operating system; command line tools, syslogging, application configuration
  • Knowledge of Windows Active Directory/Exchange/Domain controller setup and administration
  • Network configuration and troubleshooting
  • Understanding of computer deployment management systems and disk imaging solutions
  • Experience with supporting Microsoft Windows workstations and Microsoft Windows applications
  • Experience with firewalls, VPNs, Active Directory, Group Policy, Linux and Windows servers along with Hyper-V desired.
  • Technical ability to troubleshoot, diagnose and repair systems and networks.
  • Understanding of host-based and network-based security issues
  • Ability to travel up to 75%

Additional Preferred Characteristics

  • Independent problem solving
  • Self-starter with good work ethic; commitment to deadlines
  • Eye for detail and accuracy is very important
  • Professional appearance and attitude, positive, friendly personality
  • Excellent verbal and written communication skills with an emphasis in customer service.
  • Ability to comprehend and follow verbal and written technical instructions.
  • Ability to work collaboratively in a team environment.
  • Must have reliable transportation and an active driver’s license.
  • Desire to write code and ability to write scripts are a bonus.

Perks:

  • Collaborative, hard-working, energetic team culture
  • Excellent benefits – Vision, Medical, and Dental
  • 401K with company match
  • Unlimited PTO/time off policy
  • Bonuses for stellar performance

Part-Time Entry-Level Digital Forensics Assistant

July 30, 2019

Interested in applying for this position?

Email us at forensics@gillware.com with your cover letter and resume.

Position Summary

Gillware is seeking an individual to assist our investigators in conducting digital forensics and incident response (DFIR) services.  Qualified individuals will be self-starters with a thirst to learn and the desire to quench it.  Preference will be given to applicants with a background in, or coursework pertaining to, IT, information security, or digital forensics, but no previous digital forensics/incident response experience is required.   Individuals should have a solid grasp of basic IT help desk and networking skills.

Job Responsibilities

Primary job responsibilities will include assisting senior forensic examiners on casework:

  • Generate forensic images of devices being investigated
  • Collect and process digital forensic artifacts
  • Analyze digital forensic artifacts
  • Review firewall logs
  • Identify and investigate malware
  • Assist with document review

Digital Forensics and Incident Response Analyst

July 30, 2019

Interested in applying for this position?

Email us at forensics@gillware.com with your cover letter and resume.

Technical member of Gillware’s data breach, incident response and cybersecurity risk management teams. The primary responsibility of this role will be responding to and investigating organizations impacted by a data breach.

Desired Characteristics:

  • Perform reactive incident response functions including but not limited to host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
  • Provide immediate onsite and remote support for digital forensics, incident response, and litigation support as needed
  • Conduct defensible data acquisitions and analysis
  • Preserve and analyze data from electronic data sources, including laptop and desktop computers, servers, and mobile devices.
  • Process collected data in various digital forensic, litigation support, and data analytics tools
  • Produce high quality oral and written work product, presenting complex technical matters clearly and concisely.
  • Demonstrate skills in the identification, collection, preservation, and processing of data as part of the investigation process
  • Examine firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity.
  • Provide support on incident response engagements to senior level team members to guide clients through forensic investigations, contain security incidents, and provide guidance on longer-term remediation recommendations.
  • Ability to perform light travel requirements as needed to meet business demands (on average 20%).

Basic Qualifications:

  • 1-2 years of incident response or digital forensics experience with a passion for cybersecurity
  • Proficient with host-based forensics and data breach response
  • Experienced with IR and forensics tools, such as Magnet Axiom, EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, Wireshark, TCPDump, and open source forensic tools
  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field
  • Additional core competencies a plus such as data analytics and/or eDiscovery
  • GCFE, GCIH, CCE, EnCE or equivalent digital forensics / incident response certification preferred, but not required.
  • Established experience with most common operating systems (Windows, macOS, Linux, iOS, Android) and their file systems (ext3/4, HFS+, APFS, NTFS, exFAT, etc.).
  • Proficiency with database querying and analysis.
  • Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure.
  • Experience with conducting log analysis of Windows Event Logs, Apache, IIS, and firewall logs.
  • Ability to conduct basic malware analysis.
  • Experience with command line tools (grep, sed, awk, powershell), python, and other programming languages.
  • Familiarity with computer system hardware and software installation and troubleshooting.
  • Well-developed analytic, qualitative, and quantitative reasoning skills and demonstrated creative problem-solving abilities.
  • Strong shell, C, C++ and/or Java programming skills and proficiency in Assembler languages a plus.
  • Proficiency with MS Office Applications, and familiarity with Windows, Macintosh and Linux operating systems.

Perks:

  • Collaborative, hard-working, energetic team culture
  • Excellent benefits – Vision, Medical, and Dental
  • 401K with company match
  • Unlimited PTO/time off policy
  • Bonuses for stellar performance

No local postings at this time.

ISACA Career Center

Additionally, ISACA International hosts the ISACA Career Center site. The ISACA Career Center is another source for IT audit and information security professionals. Designations and experience are highlighted for employers, providing a special opportunity for those interested in hiring CISA®, CISM®, CGEIT®, or CRISC holders and applicants with COBIT® experience.