Specialist, Cyber Operations Professional; Digital Forensics Analyst

Position: Specialist, Cyber Operations Professional (Digital Forensics Analyst)

Digital Forensics Analyst

Position Overview

We are seeking a detail-oriented and technically proficient Digital Forensics Analyst to join our cybersecurity team. This role is responsible for conducting digital forensic investigations, analyzing digital evidence, and supporting incident response activities. The ideal candidate will have a strong background in forensic analysis tools, data analysis, and a deep understanding of operating systems, cloud platforms, and forensic processes.

Key Responsibilities

• Lead and conduct digital forensic investigations involving data breaches, malware infections, unauthorized access, intellectual property theft and other security incidents.
• Collect, preserve and analyze digital evidence from endpoints, servers, cloud environments and mobile devices, ensuring proper chain of custody and adherence to legal and regulatory requirements.
• Perform forensic imaging and analysis of Windows, Linux, macOS, and mobile devices using industry-standard tools and methodologies.
• Develop and execute scripts (Python, Power Shell) to automate evidence collection, data parsing, and artifact extraction.
• Analyze logs, network traffic and large datasets to reconstruct timelines and identify root causes.
• Prepare detailed forensic reports and present findings to technical and non-technical stakeholders, including legal, HR, and management.
• Support the development and refinement of forensic processes and playbooks.

Required Technical Skills

• Proficiency in Python or Power Shell scripting for automation and data analysis.
• Experience with forensic imaging and analysis tools.
• Strong understanding of file systems, operating systems (Windows, Linux, and macOS).
• Ability to analyze and interpret large datasets.

Preferred Technical Skills

• Understanding of networking concepts and protocols.
• Exposure to cloud platforms (AWS, Azure, GCP).

Process Knowledge

• Experience in digital evidence collection and preservation and forensic methodologies.
• Familiarity with incident response procedures and integration with forensic workflows.
• Knowledge of regulatory and compliance requirements related to data security, privacy and digital evidence.

Preferred Qualifications

• Certifications such as GIAC GCFA, GCIH, CEH, EnCE, MCFE or similar.
• Strong written and verbal communication skills for reporting and presenting findings.

Preferred Location

• This role is based out of our Columbus, Ohio office, and we prefer candidates who can work a hybrid schedule (combination of in-office and remote work). However, we are open to considering fully remote candidates for the right fit. Preference will be given to applicants located in the Columbus area.

Cyber Operations Professional

Job Description

Key Responsibilities

• Responds to cyber incidents using industry recognized methodology, e.g., PICERL (Preparation, Identification, Containment, Eradication, Recovery and Lessons Learned).
• Creates uplift of cyber security detection and alerts for ongoing prevention of threats.
• Applies secure software and systems engineering practices throughout the delivery lifecycle to ensure our data and technology solutions are protected from threats and vulnerabilities.
• Implements automation and orchestration for the enrichment and handling of cyber security events.
• Supports vulnerability management via tools and processes and proactively identify vulnerabilities in the environment.
• Assists in the planning and execution of team activities to enrich detection and prevention controls.
• Participates in proactive cyber activity (purple teaming, threat hunting, red teaming, etc.) and expands awareness across all aspects of the MITRE ATT&CK framework.
• Identifies critical log sources and system events used for creation and tuning of cyber security detections.
• Maintains awareness of the cyber threat landscape to assist with the evaluation, enrichment and dissemination for action to protect Nationwide members and environment.

Reporting Relationships

Reports to Manager, Risk Lead or above.

Education

Undergraduate studies in cyber security, management information systems, engineering, math, computer science, data analytics or comparable experience and education strongly preferred. Graduate studies in cyber security, computer science or a related field are a plus.

License/Certification/Designation

• Preferred certifications include:
  Certified Information Systems Security Professional (CISSP), Cisco Certified Network Associate (CCNA), Certified Ethical Hacker (CEH), GIAC Certified Intrusion Handler (GCIH), Digital Forensics Investigation:
  EnCase Certified Examiner (EnCE) certification, GIAC Strategic Planning Policy and Leadership (GSTRT), GIAC Security Expert (GSE), Certified Cloud Security Professional (CCSP), AWS Certified Cloud Practitioner, AZ500.

Experience

At least three years of experience in technology. Experience in working with operating systems, networking, desktop support, application development, end point security, database management or information security. Successful candidates will have experience…