Alvarez & Marsal (A&M) is a global professional services firm specializing in turnaround and interim management, performance improvement and business advisory services. A&M delivers specialist operational, consulting and industry expertise to management and investors seeking to accelerate performance, overcome challenges and maximize value across the corporate and investment lifecycles. Founded in 1983, the firm is known for its distinctive restructuring heritage, hands-on approach and relentless focus on execution and results.
A&M's Global Forensic and Dispute Services (GFD) practice has set a new standard for bringing a practical, results-oriented approach to solving problems related to business investigations, complex disputes and regulatory interventions. From the boardroom to the courtroom, the firm delivers a wide array of solutions to contentious situations by drawing on the deep skills, diverse disciplines and experiences of its professionals who offer a unique ability to articulate complex findings in a clear and meaningful manner.
A&M's Forensic Technology team comprises senior forensic and information security technologists, who bring deep expertise in Computer Science and Information Systems, and offer a hands-on approach to collecting, preserving and analyzing electronic information.
The Forensic Technology team is seeking an Incident Response Consultant to join the Dallas office.
- Conducting analysis on end-user and server-based systems in large- and small-scale environments;
- Log analysis of a multitude of different sources including host and network devices;
- Malware analysis;
- Analyzing and correlating log data, malicious software behavior, system state changes, and other information across multiple systems to forensically reconstruct malicious activity and impacts;
- Networking environments, architecture and information security;
- Network packet capture and analysis;
- Recovering deleted files, reconstructing Internet history, using GREP search techniques, analyzing metadata, carving unallocated clusters, analyzing registry files, imaging files from servers and RAID arrays, and similar forensic techniques;
- Researching computer processes, system state, and connections from running systems during incident response;
- Building, maintaining, and upgrading computer forensics hardware and software;
- Experience as an IT security administrator is preferred;
- Experience in computer programming is preferred;
- Experience testifying and presenting digital evidence in court is preferred.
The candidate shall possess the following skills:
- Excellent oral and written communication skills;
- Knowledge of digital evidence collection procedures;
- Skill with archiving and chain-of-custody procedures;
- Strong knowledge of network protocols, network analysis tools, and network logs;
- Knowledge of computer evidence and forensics application tools including EnCase, FTK, NetAnalysis, NetWitness, Helix, Raptor, and others;
- Knowledge of SQL database management and SQL syntax is preferred;
The candidate shall meet the following education and certification qualifications:
- Bachelor’s degree in a related field and/or at least five (5) years of job-related experience or equivalent.
- Have or be in the process of obtaining one of the following industry standard certifications: