Digital Forensic and Incident Response Lead

As the Digital Forensics & Incident Response Director within the Cyber Defense organization, you will work with a team of highly technical security professionals focused on the continued enhancement of enterprise capabilities tied to responding to cyber security incidents.  You will bring strategic vision and technical capability to the team to further enhance and develop the cyber incident response program.

You will work on extremely complex problems in which analysis of situations or data requires an evaluation of intangible variables. In addition to deep technical expertise and experience, you will bring excellent problem solving, communication and teamwork skills, along with agile ways of working, strong business insight, an inclusive leadership attitude and a continuous learning focus to all that you do.

Location and Workplace Flexibility: We have offices in Atlanta GA, Boston MA, Morristown NJ, Plano TX, St. Louis MO, St. Petersburg FL, and Hyderabad, India. We foster a hybrid and remote friendly culture and all of our employee's work locations are based on the needs of the position and determined by the Leadership team. In-office work and activities, if applicable, vary based on the work and team objectives in accordance with Company policies. 

Responsibilities

• Responsible for Digital Forensics & Incident Response (DFIR) quality control

• Responsible for distinct control function escalations such as those originating from the Security Operations Center (SOC), Security Office (SO), and external entities

• Manage projects related to DFIR readiness such as integration into new BU processes, new technology and incident readiness, and introduction of resiliency improvements

• Investigative case management to include formal documentation, reporting, chain of custody, and evidence disposition

• Risk management of information security, technology risk, and non-technical areas such as legal, fraud, privacy, and reputation risk

• Identify process and resiliency improvement areas; propose changes

• Bring a deep understanding of relevant and emerging technologies

• Maintain a broad knowledge of innovative security principles and theory

Requirements

• Bachelor’s degree in computer science, Information Security, or a related field or 6+ years performing incident response

• Experience with enterprise technologies such as Entra ID/Active Directory, O365, Azure, AWS, Windows, Linux, macOS, etc.

• Advanced experience using SIEM and EDR query languages

• Knowledge of common scripting languages (Python, PowerShell, Bash, etc.)

• Experience performing host, log, memory, and network-based forensics

• Experience performing static and dynamic malware analysis.

• Strong verbal and written communication skills

• Comprehensive understanding of adversarial threat frameworks such as MITRE ATT&CK and Lockheed Martin’s Cyber Kill Chain

• Significant experience and/or deep expertise with several of the following:

• Digital Forensics & Incident Response

• Insider Risk Investigations

• Threat Hunting and Adversary Emulation

• DFIR Automation and Engineering

• Cyber Threat Intelligence

Preferred qualifications:

• Industry standard certifications (CCE, EnCE, GCFE, GCFA, GCIH, GREM, GNFA, GPEN, etc.)

Zelis is modernizing the healthcare financial experience by providing a connected platform that bridges the gaps and aligns interests across payers, providers, and healthcare consumers. This platform serves more than 750 payers, including the top 5 national health plans, BCBS insurers, regional health plans, TPAs and self-insured employers, and millions of healthcare providers and consumers. Zelis sees across the system to identify, optimize, and solve problems holistically with technology built by healthcare experts – driving real, measurable results for clients.

Commitment to Diversity, Equity, Inclusion, and Belonging 
At Zelis, we champion diversity, equity, inclusion, and belonging in all aspects of our operations. We embrace the power of diversity and create an environment where people can bring their authentic and best selves to work. We know that a sense of belonging is key not only to your success at Zelis, but also to your ability to bring your best each day.

Equal Employment Opportunity  
Zelis is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. 

We encourage members of traditionally underrepresented communities to apply, even if you do not believe you 100% fit the qualifications of the position, including women, LGBTQIA people, people of color, and people with disabilities.  

Accessibility Support 

We are dedicated to ensuring our application process is accessible to all candidates. If you are a qualified individual with a disability or a disabled veteran and require a reasonable accommodation with any part of the application and/or interview process, please email TalentAcquisition@zelis.com.  

SCAM ALERT: There is an active nationwide employment scam which is now using Zelis to garner personal information or financial scams. This site is secure, and any applications made here are with our legitimate partner. If you’re contacted by a Zelis Recruiter, please ensure whomever is contacting you truly represents Zelis Healthcare. We will never asked for the exchange of any money or credit card details during the recruitment process. Please be aware of any suspicious email activity from people who could be pretending to be recruiters or senior professionals at Zelis.