Associate - Forensic Technology, EDiscovery & Cyber Investigations
EY’s Forensic Technology team is a group of technical specialists who practice digital forensic investigations and the full life cycle of the EDRM, from the early stages of data scoping and collection to processing, analysis, production, and reporting. This growing Forensic Technology team forms part of the Forensic & Integrity Services practice and specializes in forensic technology services encompassing Digital Forensics and eDiscovery.
Since we work with such a diverse portfolio of clients across industries, you can expect to take on a wide range of technology challenges, from incident response to forensic investigation to litigation and regulatory response. EY Privacy and Cyber Response professionals assist organizations to prepare for and fight against complex cyber-attacks. Our Forensic Technology lab provides the forensic technology infrastructure and tools necessary to accelerate the fact-finding process in diverse scenarios.
- Supporting the collection, processing, and management of large sets of digital evidence in the form of electronic communications, documents, and records from a wide array of information systems.
- Supporting our clients in performing digital forensic analysis and reporting from our Forensic Technology lab and/or client site.
- Supporting investigations with Forensic and eDiscovery technology to accelerate the fact-finding process.
- Supporting the innovation, development and documentation of new procedures and workflows in digital forensic analysis and eDiscovery methodologies.
- Supporting the deployment of eDiscovery solutions to existing and future clients.
- Supporting the production of electronic records to counsel, client and authorized third parties.
- Assisting in the resolution of client requests during the review stage of an eDiscovery engagement.
- Using a range of industry-standard software to deliver custom solutions to client requirements.
- Using a problem-solving approach to overcome unexpected issues - both technical and operational.
- Assisting in preparing documentation of work, working papers, schedules and reports that will be delivered to our clients and other parties.
- Assisting in cyber response and cyber-attack investigations by analysing the artifacts obtained from compromised machines and determining the root cause.
Skills and attributes for success
- Desire to constantly develop your understanding of our clients’ industries, identifying trends, risks, and opportunities for improvement.
- Understanding of multiple technologies, and the ability to apply your knowledge of leading practices to enhance service delivery.
- Ability to learn and adapt to complex situations regarding the management and analysis of large data sets in different environments.
- Desire to develop a team through constant coaching and feedback, knowledge, and opportunities to grow.
- Experience in complex investigations, using techniques such as digital forensics, log analysis, eDiscovery, data analysis and timeline creation.
- Ability to communicate technical events and analysis to both technical and nontechnical audiences and an understanding of the potential legal impacts.
- Familiarity with threat intelligence and applications within incident response and forensic investigations.
- Experience with malware analysis and understanding attack techniques.
- Experience interpreting, searching, and manipulating data within enterprise logging solutions.
- Experience working with network, host, and user activity data, and identifying anomalies.
- Strong knowledge of host, network and cloud forensic processes, tools, standards and techniques such as log correlation and analysis, forensic handling of electronic data, computer security investigative processes, and malware identification and analysis.
- Strong knowledge of cyber incident readiness such as cyber risk assessment, development of playbook, simulation drills and compromise assessment.
To qualify for the role you must have
- Bachelor's or Master’s Degree in Computer Science, IT, Cyber Security or related field.
- Solid knowledge of IT Infrastructure and Security topics.
- Excellent documentation skills with the ability to prioritize when working on multiple engagements.
- Strong problem solving, analytical, technical, and interpersonal skills.
- The ability to travel to client locations.
Ideally, you will also have
- Achieved, or working towards, digital forensics or eDiscovery-related certifications such as:
  - EnCE, CCE, CCFP, GASF, GCFE, CFCE, CCME, GREM, Nuix- or Relativity-related certifications
  - GSE, GCFA, GCIH, GNFA, OSCP, CEH, CHFI
- Working knowledge of tools such as EnCase, Cellebrite, Axiom and Oxygen Forensics.
- Experience in using eDiscovery tools such as Relativity, NUIX and additional eDiscovery platforms.
- Experience in evidence seizure, chain of custody, data collection and/or host-based forensics.
- Knowledge of performing data collection in cloud solutions (such as AWS, Azure, GSuite and/or Office 365).
- Knowledge of Windows, Unix and Mac host-based forensics, Mobile OS’s and command lines.
- Experience with response and analysis tools such as EnCase Forensic, F-response, ELK, Splunk, Wireshark, AWS monitoring system, Azure Sentinel, SIFT Workstation, IEF, Volatility.
What we look for
We are interested in people who have a passion for using technology to solve problems. But we are not just looking for strong technical skills – we are interested in people who can nurture relationships – both internal and external – and are committed to intimately understanding our clients’ needs. If you are looking to become part of a community of advisors where you will make a measurable difference across some of the most prestigious businesses around, this role is for you.
For your application to be considered, please upload both your resume and transcript.
Applications are reviewed on a rolling basis, and we regret to inform you that only shortlisted applicants will be notified.
For further information, and to apply, please visit our website via the “Apply” button below.