Analyst, Computer Forensic

Job Description


Company: SBS Cypress
Location: US-TX-Cypress
Zip Code: 77429
Minimum Level of Education: Not Applicable
Minimum Years of Experience: 5
Position Type: Exempt
Travel Percentage: 0

More information about this job:  

We offer our associates the opportunity to grow personally and professionally, to contribute to the success of a dynamic organization, and to serve others in a manner that exceeds their expectations. We're looking for talented, hard-working individuals to join our team. Come grow with us and let us show you why we’re at the heart of food and service.


Computer Forensics Analysts are responsible for examining computer assets to collect digital evidence such as files, memory details, emails, and logs in a forensically and legally sound manner. Their work is performed in support of internally and externally initiated investigations.


  • Assessing relevant systems and assets to identify evidence pertaining to legal investigations
  • Managing chain of custody for all discovered evidence, and collecting all evidence in a legally sound manner
  • Preparing formal findings reports for delivery to internal and external counsel, as well as Security / BT management
  • Contributing to the technical impact and cause assessments for identified security incidents
  • Testifying as an expert witness in depositions and court cases relating to investigations handled by the Analyst
  • Working with business partners to understand events and develop incident timeline
  • Continually refining solution to eliminate false positives and align with evolving needs
  • Documenting and guiding business and IT on secure, compliant data handling practices
  • Analyzing events that indicate inappropriate data handling in an effort to identify business / BT process security issues
  • Investigating and reporting DLP policy violations
  • Configuring forensics toolkit (FTK) to automate use cases where possible
  • Running email searches and creating e-discovery holds in Office 365 environment
  • Correlating events being reported across multiple systems and areas of the network that identify a potential security incident, initiating the security incident response process to ensure that the situation is contained and addressed accordingly.
  • Engaging key service providers as links to forensic data are identified in association with their managed systems and infrastructure and working with the providers to ensure that they are aware and assist in evidence collection.
  • Suggesting changes to the environment that would assist with eliminating vulnerabilities and mitigating the risk of exploitation resulting in potential incidents.
  • Contributing to process documentation.
  • Contributing to the design and implementation of ticketing solution enhancement efforts, with the intent to streamline monitoring, alerting, and incident management efforts.
  • Suggesting and implementing process improvements based upon lessons learned.
  • Designing and building custom processes to facilitate evidence collection.
  • Performing other Enterprise Security & Support tasks as required and assigned.
  • Serving as an escalation point for potential security-related incidents.




Candidates for this position should have at least 5 years of Information Security experience and knowledge of the following:

  • Security Forensics Toolkits (FTK) & Legally Sound Data Collection Methodologies
  • Monitoring & Analytics: QRadar, Tanium, and Emerging Threats
  • Knowledge of System, DB Platforms and Networking Protocols (On Premises and Cloud): Linux, Windows, Unix, Oracle, DB/2, SQL
  • Hacking and Intrusion Techniques & Prior Experience w/ Security Testing and Computer System Diagnostics
  • Must be proficient at static and dynamic memory analysis
  • Strong analytical skills
  • Able to track and manage a large number of simultaneous activities, as well as cross team dependent activities
  • Able to work collaboratively with minimal supervision
  • Effectively escalates items as required, and can influence decisions and actions without direct authority
  • Able to learn new technologies and processes quickly
  • Able to quickly adapt to changes in timelines and sequences
  • Able to work off hours when required
  • Documenting work papers as evidence of control success or deficiency
  • Strong verbal and written communications skills
  • CISSP, GCDE, GCFA, CEH, GIAC, FTK certification preferred



Applicants must be currently authorized to work in the United States.

SBS Cypress is proud to be an Equal Opportunity and Affirmative Action employer, and considers qualified applicants without regard to race, color, creed, religion, ancestry, national origin, sex, sexual orientation, gender identity, age, disability, veteran status or any other protected factor under federal, state or local law.

This opportunity is available through Sysco Corporation, its subsidiaries and affiliates.

Employment Type: Full Time