Insider Risk Investigator and Digital Forensic Examiner
Apply NowCompany: Fortive
Location: Everett, WA 98208
Description:
Fortive is seeking a versatile and highly skilled professional to join our team as an Insider Risk Investigator and Digital Forensic Examiner. In this dual role, you will play a pivotal part in protecting our organization against insider threats and cyber incidents by conducting investigations, analyzing digital evidence, and providing expert testimony as needed. If you are a dedicated cybersecurity professional with a passion for preserving digital evidence, hunting for, and mitigating insider threats, we encourage you to apply.
Duties:
Proactively identify and investigate potential insider threats and security risks. Analyze data from various sources, including log files, security alerts, and user behavior. Correlate findings to detect patterns and anomalies indicative of insider threats.
Conduct incident triage and digital forensic examinations on various devices and data sources, ensuring the proper collection, preservation, and documentation of electronic evidence.
Maintain forensic collection and chain of custody records.
Collaborate and support incident response teams to assess the scope and impact of security incidents and provide forensic expertise to support investigations.
Perform thorough investigations into potential insider threats using industry-standard tools and techniques to recover, analyze, and interpret digital data, uncovering patterns and identifying potential threats.
Conduct interviews of key personnel to gather information and ascertain the validity and impact of potential threats.
Prepare and present expert witness testimony in legal proceedings, maintaining the integrity and credibility of digital evidence.
Create comprehensive forensic reports that clearly explain findings and analysis, suitable for use in legal proceedings or internal investigations.
Work closely with IT, HR, Legal, and other functions to coordinate investigations, share findings, and recommend appropriate actions.
Maintain detailed records of investigations, findings, and actions taken, ensuring compliance with legal and regulatory requirements.
Develop and deliver security awareness training programs to educate employees about insider threats and best practices for prevention.
Stay updated on the latest forensic tools, techniques, and cybersecurity trends, contributing to the development of internal forensic capabilities.
Additional duties as may be assigned from time to time.
Minimum Qualifications:
Bachelor of Science degree in Computer Forensics, Computer Science, Computer Engineering, Information Technology, Management of Information Systems, or related fields.
5+ years experience with insider threat investigations to include digital forensics, incident response and personnel interviews.
Must be willing to relocate to Everett, WA area to work onsite at our corporate office location.
Preferred Qualifications:
Background in law enforcement or security related field with experience in technical investigations.
Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Computer Examiner (CCE), or Certified Forensic Computer Examiner (CFCE).
Related trainings and certifications such as Certified Incident Handler (GCIH), Advanced Incident Response, Threat Hunting and Digital Forensics (FOR508), Enterprise Incident Response or Cloud Forensic Responder (GEIR/GCFR)
Proven experience in insider threat investigations, digital forensics, and incident response.
Strong knowledge of computer hardware, operating systems, file systems, and forensic tools.
Familiarity with risk scoring and threat analysis tools, user and entity behavior analytics, Data Loss Prevention (DLP) security controls, and SIEM tools.
Familiarity with legal and regulatory requirements related to digital evidence, data privacy, and cybersecurity.
Excellent communication, collaboration, and report-writing skills.
Ability to work both independently and as part of a team.
Attention to detail and a commitment to maintaining the highest standards of integrity, confidentiality, and professionalism.
Fortive Corporation Overview
Fortive's essential technology makes the world stronger, safer, and smarter. We accelerate transformation across a broad range of applications including environmental, health and safety compliance, industrial condition monitoring, next-generation product design, and healthcare safety solutions.
We are a global industrial technology innovator with a startup spirit. Our forward-looking companies lead the way in software-powered workflow solutions, data-driven intelligence, AI-powered automation, and other disruptive technologies. We're a force for progress, working alongside our customers and partners to solve challenges on a global scale, from workplace safety in the most demanding conditions to groundbreaking sustainability solutions.
We are a diverse team 18,000 strong, united by a dynamic, inclusive culture and energized by limitless learning and growth. We use the proven Fortive Business System (FBS) to accelerate our positive impact.
At Fortive, we believe in you. We believe in your potential-your ability to learn, grow, and make a difference.
At Fortive, we believe in us. We believe in the power of people working together to solve problems no one could solve alone.
Fortive: For you, for us, for growth.
Duties:
Proactively identify and investigate potential insider threats and security risks. Analyze data from various sources, including log files, security alerts, and user behavior. Correlate findings to detect patterns and anomalies indicative of insider threats.
Conduct incident triage and digital forensic examinations on various devices and data sources, ensuring the proper collection, preservation, and documentation of electronic evidence.
Maintain forensic collection and chain of custody records.
Collaborate and support incident response teams to assess the scope and impact of security incidents and provide forensic expertise to support investigations.
Perform thorough investigations into potential insider threats using industry-standard tools and techniques to recover, analyze, and interpret digital data, uncovering patterns and identifying potential threats.
Conduct interviews of key personnel to gather information and ascertain the validity and impact of potential threats.
Prepare and present expert witness testimony in legal proceedings, maintaining the integrity and credibility of digital evidence.
Create comprehensive forensic reports that clearly explain findings and analysis, suitable for use in legal proceedings or internal investigations.
Work closely with IT, HR, Legal, and other functions to coordinate investigations, share findings, and recommend appropriate actions.
Maintain detailed records of investigations, findings, and actions taken, ensuring compliance with legal and regulatory requirements.
Develop and deliver security awareness training programs to educate employees about insider threats and best practices for prevention.
Stay updated on the latest forensic tools, techniques, and cybersecurity trends, contributing to the development of internal forensic capabilities.
Additional duties as may be assigned from time to time.
Minimum Qualifications:
Bachelor of Science degree in Computer Forensics, Computer Science, Computer Engineering, Information Technology, Management of Information Systems, or related fields.
5+ years experience with insider threat investigations to include digital forensics, incident response and personnel interviews.
Must be willing to relocate to Everett, WA area to work onsite at our corporate office location.
Preferred Qualifications:
Background in law enforcement or security related field with experience in technical investigations.
Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Computer Examiner (CCE), or Certified Forensic Computer Examiner (CFCE).
Related trainings and certifications such as Certified Incident Handler (GCIH), Advanced Incident Response, Threat Hunting and Digital Forensics (FOR508), Enterprise Incident Response or Cloud Forensic Responder (GEIR/GCFR)
Proven experience in insider threat investigations, digital forensics, and incident response.
Strong knowledge of computer hardware, operating systems, file systems, and forensic tools.
Familiarity with risk scoring and threat analysis tools, user and entity behavior analytics, Data Loss Prevention (DLP) security controls, and SIEM tools.
Familiarity with legal and regulatory requirements related to digital evidence, data privacy, and cybersecurity.
Excellent communication, collaboration, and report-writing skills.
Ability to work both independently and as part of a team.
Attention to detail and a commitment to maintaining the highest standards of integrity, confidentiality, and professionalism.
Fortive Corporation Overview
Fortive's essential technology makes the world stronger, safer, and smarter. We accelerate transformation across a broad range of applications including environmental, health and safety compliance, industrial condition monitoring, next-generation product design, and healthcare safety solutions.
We are a global industrial technology innovator with a startup spirit. Our forward-looking companies lead the way in software-powered workflow solutions, data-driven intelligence, AI-powered automation, and other disruptive technologies. We're a force for progress, working alongside our customers and partners to solve challenges on a global scale, from workplace safety in the most demanding conditions to groundbreaking sustainability solutions.
We are a diverse team 18,000 strong, united by a dynamic, inclusive culture and energized by limitless learning and growth. We use the proven Fortive Business System (FBS) to accelerate our positive impact.
At Fortive, we believe in you. We believe in your potential-your ability to learn, grow, and make a difference.
At Fortive, we believe in us. We believe in the power of people working together to solve problems no one could solve alone.
Fortive: For you, for us, for growth.