Digital Forensics and Incident Response Sr. Associate

USA-IL-Chicago-30 South Wacker Drive, Suite 3300

RSM

RSM US LLP is the leading U.S. provider of assurance, tax and consulting services focused on the middle market.

View all jobs at RSM

Apply now Apply later

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.

The RSM Cyber Response team are the first responders to a client during a cyber crisis.  We help bring order and calm to the chaos and help to diagnose and guide a client through the entire incident response lifecycle to detect, contain, respond, and recovery from the crisis.  We provide the highest level of expertise across digital forensics and incident response and help work across the client team, and their business partners to protect their interests.  When not dealing with cyber crisis events we help clients prepare for those situations by developing, reviewing, and exercising their cyber crisis plans.  The ideal candidate will have a passion for and a strong background in digital forensics, incident response, and cybersecurity.

The Digital Forensics and Incident Response (DFIR) Sr. Associate will be interfacing directly with clients, their teams, and external stakeholders including insurance carriers and legal counsel while participating as part of the RSM Cyber Response team in a client engagement.  The engagement types will span across scenarios like Business Email Compromises (BEC), Ransomware Attacks, Data Exfiltration, Insider Threats, Device Digital Forensics and many other types.

Responsibilities:

  • Participate in scoping calls with clients as requested to assist in defining the incident scope, objectives, and expectations of each engagement.
  • Work closely with other Cyber Response team members to ensure effective engagement.
  • Build strong client relationships based on establishing yourself as a trusted advisor, providing good communication, and being a collaborative problem solver.
  • Communicate advanced cybersecurity concepts both internally and externally and produce clear and concise verbal and written reports detailing incident findings, and analysis.
  • Actively knowledge share with team members cultivating a culture of continuous learning, and stay up to date on industry trends, emerging threats, and best practices.
  • Develop and enhance capabilities of the DFIR practice.
  • Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.
  • Conduct digital forensic investigations and incident response activities as part of the engagement team.
  • Collect, preserve, and analyze forensic evidence.

Qualifications:

Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience.

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related degree, or relevant work experience in these disciplines
  • Former professional experience in participating in active cybersecurity engagements, including incident response, digital forensics investigations, and interaction with clients.
  • Experience in conducting security investigations in Linux and Windows, AWS, Azure, and GCP environments.
  • Knowledge of digital forensic artifacts and tools such as ELK, Axiom, Encase, FTK, Volatility, or Open-Source tools.
  • Scripting in one or more scripting languages such as Python, PowerShell, or .NET
  • Proficiency in conducting forensic analysis, threat assessments, and post incident reviews.
  • Certifications across at least one of CEH, CFCE, CHFI, CISSP, ECIH, ECSA, GCFA, GCFE, GCIA, GCIH, GPEN, GREM, GWAPT, MiCFE, OSCP, Security+
  • Excellent communication and interpersonal skills.
  • Ability to work independently and as part of a team to learn, grow your knowledge, and teach your colleagues.
  • Ability to provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.
  • Ability to work an alternative schedule such as Tuesday through Saturday or Sunday through Thursday if necessary for maintaining coverage.

At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/working-at-rsm/benefits.

As an Affirmative Action and Equal Opportunity Employer all applicants will receive consideration for employment as RSM does not tolerate discrimination and/or harassment based on race; color; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the US uniformed service; US Military/Veteran status; pre-disposing genetic characteristics or any other characteristic protected under applicable federal, state or local law. 

Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please call us at 800-274-3978 or send us an email at careers@rsmus.com.

RSM does not intend to hire entry level candidates who will require sponsorship now OR in the future (i.e. F-1 visa holders). If you are a recent U.S. college / university graduate possessing 1-2 years of progressive and relevant work experience in a same or similar role to the one for which you are applying, excluding internships, you may be eligible for hire as an experienced associate.

RSM will consider for employment qualified applicants with arrest or conviction records in accordance with the requirements of applicable law, including but not limited to, the California Fair Chance Act, the Los Angeles Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the San Francisco Fair Chance Ordinance. For additional information regarding RSM’s background check process, including information about job duties that necessitate the use of one or more types of background checks, click here.

At RSM, an employee’s pay at any point in their career is intended to reflect their experiences, performance, and skills for their current role. The salary range (or starting rate for interns and associates) for this role represents numerous factors considered in the hiring decisions including, but not limited to, education, skills, work experience, certifications, location, etc. As such, pay for the successful candidate(s) could fall anywhere within the stated range.

Compensation Range: $82,400 - $156,200

Individuals selected for this role will be eligible for a discretionary bonus based on firm and individual performance.

Apply now Apply later
  • Share this job via
  • 𝕏
  • or
Job stats:  1  0  0

Tags: AWS Azure CEH CFCE CHFI CISSP Computer Science DFIR ECSA ELK EnCase Forensics GCFA GCFE GCIA GCIH GCP GPEN GREM GWAPT Incident response Linux OSCP PowerShell Python Scripting Windows

Perks/benefits: Career development Competitive pay Health care Insurance Medical leave Salary bonus Team events

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.