Associate, Security & Privacy Risk Consulting – Digital Forensic & Incident Response

RSM’s purpose is to deliver the power of being understood to our clients, colleagues and communities through world-class audit, tax and consulting services focused on middle market businesses. The clients we serve are the engine of global commerce and economic growth, and we are focused on developing leading professionals and services to meet their evolving needs in today’s ever-changing business environment.

In order to address the most critical needs of our clients, RSM has established the Security and Privacy Risk Consulting group, dedicated exclusively to serving the cybersecurity needs of our clients. This group includes experienced consultants located throughout North America focused on helping clients with preventing, detecting, and responding to security threats that may affect their critical systems and data. We serve a diverse client base within a variety of industries, and we are relied upon to provide expertise within areas of security testing, architecture, governance, compliance, and digital forensics.

We are growing our practice in Canada and are looking for an Associate to join our Digital Forensics and Incident Response (DFIR) team! Our DFIR practice is made up of individuals able to contribute tangible value to our clients in the areas of digital forensics, incident response, and cyber investigations.

Responsibilities

• Proactively participate in and supervise projects involving the identification, collection, and analysis of computer systems and electronic data sources relevant to investigative, legal, or regulatory initiatives
• Perform remote and onsite digital evidence collections and forensic analysis tasks through the use of industry standard hardware and software applications
• Evaluate malicious activity on company networks assets and mitigate threats using a variety of digital forensic and incident response tools, processes, and techniques
• Facilitate communication and coordination between clients, clients’ internal and external counsel, and law enforcement entities
• Understand the technical skills required for completing digital forensic investigations within a lab environment and remote client locations
• Follow proper evidence collection and chain of custody practices, including the completion of relevant documentation
• Analyze network logs, application logs, computer systems, and malicious code to identify scope and timeline of system or network compromise
• Research and test new tools, findings, and investigative methods that may be encountered during an investigation and document and share any new information that may be useful to the team
• Assist with the development and delivery of remediation recommendations for identified findings
• Identify and clearly articulate findings to senior management and clients, which comprise of both technical and non-technical audiences

Basic Qualifications

• Understanding of digital forensic investigations or incident response with personal computer systems, servers, email and electronic data storage, and mobile devices
• Ability to identify cybersecurity risks, indicators of compromise and remediation tasks of networks and computer systems
• At least one industry recognized certification
• Ability to travel as needed
• High degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices
• Strong verbal and written abilities
• Strong multitasking and project management skills

Preferred Qualifications

• Familiarity/experience with the following:
• Demonstrated clear understanding of digital rules of evidence including acquiring forensically sound images, maintaining chain of custody, and the privacy aspects of performing investigations on employee systems
• Forensic tool suites experience (Axiom, EnCase, Nuix, Autopsy, FTK)
• Bachelor’s degree in computer science or related field
• Any of the following technical certifications: GIAC Certified Enterprise Defender (GCED); GIAC Certified Incident Handler (GCIH); GIAC Certified Incident Analyst (GCIA); GIAC Certified Forensic Analyst (GCFA); GIAC Reverse Engineering Malware (GREM); Certified Hacking Forensics Investigator (CHFI); Certified Ethical Hacker (CEH); Certified Computer Examiner (CCE); Certified Forensic Computer Examiner (CFCE) or equivalent vendor specific certifications (e.g. EnCase, AccessData)

In accordance with applicable law and RSM policy, prospective hires will be required to demonstrate that they have been fully vaccinated for COVID-19. If not vaccinated for COVID-19 they mustqualify for
an accommodation to this vaccination requirementorparticipate in testing.

If you are located in New York, pursuant to current applicable law, you will be required to be vaccinated to enter the New York office and testing is not an option to enter the New York office.

You want your next step to be the right one. You’ve worked hard to get where you are today. And now you’re ready to use your unique skills, talents and personality to achieve great things. RSM is a place where you are valued as an individual, mentored as a future leader, and recognized for your accomplishments and potential. Working directly with clients, key decision makers and business owners across various industries and geographies, you’ll move quickly along the learning curve and our clients will benefit from your fresh perspective.

Experience RSM. Experience the power of being understood.

RSM is an equal opportunity/affirmative action employer. Minorities/Females/Disabled/Veterans.