Principal Cyber Forensics Analyst

Novartis

  • Czech Republic Warsaw, Mazowieckie
  • Permanent
  • Full-time
  • 2 months ago
About the role

Sandoz is going through an exciting and transformative period as a global leader and pioneering provider of sustainable Generic and Biosimilar medicines.

Now as an independently listed company, Sandoz aims to increase its strategic focus, operate with greater agility, set clearer business objectives, enhance shareholder returns, and strengthen its culture for us, the Sandoz associates. This is an exciting time in our history, and by creating a new and ambitious path, it will provide a unique opportunity for us all, both professionally and personally.

Join us as a Founder of our 'new' Sandoz!

As part of the Sandoz Security Operations team the Principal Cyber Forensics Analyst will support the investigations of the Security Operations Center to effectively collect, analyze, and disseminate digital traces discovered in the course of the SOC investigations. As a Forensic Analyst you will play a crucial role in core investigations of the SOC. You'll have the chance to be at the core of SecOps toolset, integrate and support them to ensure that all the capabilities are working holistically to deliver the best in class service for the SOC/Cyber Defense Center, Vulnerability Management and Sandoz board.

Your Key Responsibilities:
Your responsibilities include, but are not limited to:
  • Conduct analysis of log files, evidence, and other information to determine best methods for identifying the perpetrator(s) of a network intrusion.
  • Confirm what is known about an intrusion and discover new information, if possible, after identifying intrusion via dynamic analysis.
  • Provide technical summary of findings in accordance with established reporting procedures.
  • Examine recovered data for information of relevance to the issue at hand.
  • Perform file signature analysis.
  • Perform file system forensic analysis.
  • Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
  • Collaborate with stakeholders to define requirements and ensure the tools used align with the organization's needs.
  • Support the design and implementation of processes to collect and analyse forensic evidence
  • Evaluate, select, and implement tools and technologies that aid in the analysis and correlation of incident data. This may include data analytics platforms, machine learning algorithms, and visualization tools.
  • Develop scripts, workflows, and automation tools to streamline the collection, analysis, and dissemination of evidence
  • Collaborate with other functions to support the SOC efforts.
  • Stay updated with the latest trends and technologies in cyber forensics and continuously improve the infrastructure.

Role Requirements

What you'll bring to the role:
  • 6 to 8 years of experience in the SOC, including 2 years performing Forensics duties.
  • Knowledge of investigative implications of hardware, Operating Systems, and network technologies.
  • Knowledge of data carving tools and techniques (e.g., Foremost).
  • Knowledge of anti-forensics tactics, techniques, and procedures.
  • Knowledge of concepts and practices of processing digital forensic data.
  • Skill in preserving evidence integrity according to standard operating procedures or national standards
  • Skill in using forensic tool suites (e.g., EnCase, Sleuthkit, FTK).
  • Skill in conducting forensic analyses in multiple operating system environments (e.g., mobile device systems).
  • Skill in analyzing anomalous code as malicious or benign.
  • Skill in analyzing volatile data.
  • Skill in processing digital evidence, to include protecting and making legally sound copies of evidence.
  • Ability to conduct forensic analyses in and for Windows, MacOS and Unix/Linux environments.
  • Skill in identifying obfuscation techniques
  • Skill in interpreting results of debugger to ascertain tactics, techniques, and procedures.
  • Skill in conducting bit-level analysis.
  • Skill in analyzing memory dumps to extract information.
  • Knowledge of reverse engineering concepts.
  • Knowledge of malware analysis tools (e.g., OllyDbg, IDA Pro).
  • Knowledge of binary analysis.
  • Skill in deep analysis of captured malicious code (e.g., malware forensics).
  • Skill in using binary analysis tools (e.g., Hexedit, command code xxd, hexdump).
  • Skill in analyzing malware.
  • Strong understanding of network protocols, security technologies, and threat intelligence concepts.
  • Proficiency in programming languages such as Python, scripting, and automation tools.

Why Sandoz?

Generic and Biosimilar medicines are the backbone of the global medicines industry. Sandoz, a leader in this sector, touched the lives of almost 500 million patients last year and while we are proud of this achievement, we have an ambition to do more!

With investments in new development capabilities, state-of-the-art production sites, new acquisitions, and partnerships, we have the opportunity to shape the future of Sandoz and help more patients gain access to low-cost, high-quality medicines, sustainably.

Our momentum and entrepreneurial spirit is powered by an open, collaborative culture driven by our talented and ambitious colleagues, who, in return for applying their skills, experience an agile and collegiate environment with impactful, flexible-hybrid careers, where diversity is welcomed and where personal growth is encouraged!

The future is ours to shape!

Join our Sandoz Network: If this role is not suitable to your experience or career goals but you wish to stay connected to hear more about Sandoz and our career opportunities, join the Network here: Sandoz Talentpool (novartis.com)

#Sandoz

Functional Area: Technology Transformation
Division: SANDOZ
Business Unit: NON-NVS TSA TECHNOLOGY SZ
Employment Type: Regular

Commitment to Diversity & Inclusion: We are committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

Shift Work: No
Early Talent: No