Cyber Security Forensics Analyst

Join Con Edison as a System Analyst - Cyber Security Forensics Analyst! We are seeking a highly skilled and motivated individual to join our growing team. In this role, you will be involved in cyber response efforts across both OT and IT environments. You will oversee enterprise-wide forensic collections, manage large-scale response efforts, develop as a member of a high-performing team, and present findings to senior leadership to drive strategic decision-making. Core Responsibilities

• Conduct enterprise forensic collections across IT and OT environments, ensuring accurate and thorough acquisition of evidence.
• Analyze and interpret data to identify indicators of compromise, attack vectors, and root causes.
• Provide recommendations for corporate incident response plans and post-incident reviews.
• Present findings and strategic recommendations to executive stakeholders in a clear and concise manner.
• Continuously evaluate and improve forensic response processes, tools, and methodologies.
• Learn and grow skillset as part of a team of incident response and forensics professionals, to build a high-performing team.
• Collaborate with other cybersecurity teams (e.g., Red Team, vulnerability management, CSOC) to enhance overall detection, response, and mitigation efforts.
• Act as the primary point of escalation for large cybersecurity events.
• Ability to preserve digital evidence, through industry standard best practices.
• Perform reverse engineering malware and conducting static and dynamic analysis of files when required.
• Perform detailed network analysis utilizing open-source and commercial tools.
• Ability to utilize social media/open source for research.
• Identify digital artifacts in a wide range of mobile, embedded, desktop, and server architectures.
• Research various Cybersecurity Technologies and work with SMEs to make recommendations.
• Maintain and improve forensics laboratory.

Required Education/Experience

• Bachelor's Degree and a minimum of two (2) years of Digital Forensics, Incident Response, or other related DFIR experience
• Associate's Degree and a minimum of four (4) years of Digital Forensics, Incident Response, or other related DFIR experience
• High School Diploma/GED and a minimum of two (5) years of Digital Forensics, Incident Response, or other related DFIR experience

Relevant Work Experience

• Previous Digital Forensics/Incident Response experience preferred.
• Proficient in using known commercial and/or open source, incident response and forensic software.
• Understanding of industry standard policies, processes, and procedures
• Understanding of chain of custody
• Previous experience creating timelines and completing a root cause analysis.
• Proficiency in collecting, analyzing the evidence collected and creating reports based on the findings to different stakeholders: (Technical, Executive, etc.)
• Knowledge of current and evolving cyber threat landscape.
• Understanding of OT systems, protocols, and industrial control systems (ICS)
• Ability to remain agile and work in a fast-paced environment.
• Highly organized and detail oriented.
• Demonstrated analytical and impact analysis skills.
• Ability to handle multiple priorities effectively.
• Strong ethical standards and commitment to maintain confidentiality

Skills and Abilities

• Strong verbal communication and listening skills
• Demonstrated written communication skills
• Demonstrated analytical skills
• Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc.

Licenses and Certifications

• Driver's License Required
• Other: Relevant DFIR certifications such as GCIH, GCIA, GCFE, EnCE, GREM, CFCE or similar

Additional Physical Demands

• Must be able to respond to Company emergencies by performing a System Emergency Assignment to restore service to our customers.
• Must be able and willing to travel within Company service territory, as needed.
• Must be available 24/7, on call, and/or participate in off-hour emergency response activities as required.

Mission Statement:

Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) employees are required to follow health, safety, and environmental policies, EEO, Standards of Business Conduct, and all other applicable company policy and procedures. We all share a responsibility to advance the company’s mission by excelling at our three corporate priorities – safety of our people and the public, operational excellence in all that we do, and ensuring the best possible customer experience.