Incident Response & Forensic Analyst

United States of America
Remote
Corporate
Corporate Office
Information Technology
Full Time

  


3733

Precision Castparts Corp. (PCC) is the market leader in manufacturing large, complex structural investment castings, airfoil castings, forged components, aerostructures, and highly engineered, critical fasteners for aerospace applications. In addition, we are the leading producer of airfoil castings for the industrial gas turbine market. We also manufacture extruded seamless pipe, fittings, forgings, and clad products for power generation and oil & gas applications; commercial and military airframe aerostructures; and metal alloys and other materials for the casting and forging industries. With such critical applications, we insist on quality and dependability – not just in the materials and products we make, but in the people we recruit.

Headquartered in Portland, Oregon, PCC is a multi-billion-dollar company employing more than 20,000 people worldwide. PCC has over 120 plants spread across twenty-six states in the US and over a dozen countries. PCC is relentless in its dedication to being a high-quality, low-cost, and on-time producer, delivering the highest value to its customers and shareholders while continually pursuing strategic, profitable growth. PCC was acquired by Warren Buffett-led Berkshire Hathaway in February 2016.

The Forensic and Incident Response Analyst will investigate tier 2 and tier 3 cybersecurity and/or computer network-related incidents. The position will perform daily incident response triage, communicating findings as needed.

Primary Duties and Responsibilities:

  • Enhance security operations, analytics, threat hunting, and security orchestration and automation capabilities.
  • Perform daily incident response triage, which may include working 2nd or 3rd shift and weekends when necessary. This will include using complex analytics to correlate information from multiple sources to detect advanced threat actions.
  • Keep up to date on the latest security whitepapers, incidents, tools, and tactics for defending against advanced threats, and attend security conferences.
  • Forensic Analyst team members shall fulfill additional duties as directed by the Lead Forensic Analyst and the Director of Cyber Security.

Experience and Education:

  • 4+ years of related work experience (IT/Cyber Security)
  • Bachelor’s degree required
  • Degree must be in a relevant field (e.g., IT, Computer Forensics, Computer Science, Computer Engineering, Information Security, Information Assurance, or related degree)
  • 3+ years of experience working in an operational environment (SOC, NOC, Operations Center)
  • One or more of the following certificates are required: GCIH, AWS Security Specialist, Azure Security Engineer Associate, GSFE, GCFA, GCED, CHFI, ECIH, ECSS, CISSP, CCFP

Required Skills:

  • Skills in collecting and analyzing cloud forensic artifacts.
  • The ability to program in Python is preferred.
  • Must demonstrate strong ability to detect threat activity
  • Knowledge of the latest cyber threats and tactics, techniques, and procedures used to infiltrate computer networks
  • Demonstrated ability to document incident reports.
  • Strong analytical skills and attention to detail
  • Knowledge of cloud security tools and cloud-native forensic artifacts for Azure and AWS.
  • Knowledge of the Windows file system, registry functions, and memory artifacts
  • Knowledge of TCP/IP communications, and common protocols and applications, including DNS, HTTP, and SMB
  • Demonstrated Linux administration experience
  • Strong background with SIEM and analytics
  • Experience with a variety of logs and telemetry including AV, web server, SIEM, etc.
  • Hands-on experience with information security tools, such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
  • Travel up to 10%

All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

This requisition is closed to applications.