London, UK or Cork, IRE
Are you ready to make a difference to our world?
Are you ready for your next challenge?
We are looking for a talented Solutions Consultant to join our London based team and help our customers achieve success. In this role, you will partner with the Nuix Sales Team in both a pre and post sales technical capacity to provide custom solutions to their problems. You will also partner with Marketing to help share your knowledge and expertise with the world, and with Development to help shape our solutions.
Key Responsibilities:
Will act as the liaison between Sales, Sales Engineers, and Product Marketing for the Nuix Security & Intelligence division
Responsible for becoming an expert at Nuix Insight division technology and to co-ordinate with the sales people and sales engineers to best support our field teams during pre and post sales
Demonstrating the Nuix software suite to varying levels of both private and public sector agencies to drive interest in the Insight Adaptive Security solution. This requires you to have a clear understanding of the relevant use cases and the ability to tailor the conversation to meet the needs of the attendees
Work closely with Tech Support to document and track issues from start to finish
Document the processes and procedures, tracking the success and learnings of Nuix Insight PoC’s. Assist in content for Nuix Education packages relating to Insight Adaptive Security.
Supporting the entire sales cycle process to help eliminate or reduce technical issues, this includes helping shape the discussion and positioning Insight Adaptive Security’s current feature set as the right solution to meet their needs.
Key Requirements:
6+ years overall IT experience
4+ years in overall IT Security solutions. Endpoint Security, computer forensics and incident response experience is desirable.
Understanding analysis of client/server malware and understanding of malware footprint and IOC searching (disk/registry/RAM/pcap)
Demonstrated success in selling or working with enterprise software solutions
Knowledge of common forensic tools, IR tools and methodologies and best practices
Support team/regional & organizational change/transformation
General understanding of the Tactics, Techniques, and Procedures used by advanced attackers
Knowledge of the Cyber Security Maturity Model as a discussion tool and way to measure security readiness of an organization
Knowledge of SQL and experience writing SQL queries
Experience writing reports using various SQL reporting tools, such as SQL Reports
Ability to thrive in a fast paced, agile environment
Commitment to work collaboratively & cross functionally
Genuine commitment to providing solutions based customer experiences
Excellent communication skills both verbal & written, facilitation & presentation techniques
Previous experience working across varied time zones
Ability to travel up to 50% across EMEA
↧
Digital Forensics Job Vacancies: Solutions Consultant - Security & Intelligence
↧
Education and Training: Ence encase certified examiner
ganron wrote:
jatinder wrote:
H,
I recently passed my EnCE and am now a certified examiner.
I purchased a Training passport from Guidance Software and took Modules DF120, DF210 & the Prep course, the instructors were really good, in addition to this, I brought the EnCE study as you did. I also did the free tests included many times over in the text book which really helped.
It was hard work but I enjoyed it, the feeling when I passed was really worth all the work.
My background is Finance with some IT, but I wanted a career change and this seemed like the best course to do.
Now I just have to find a job!
Good luck.
* Edited to add I believe that they are only using Version 8 software now.
Do you plan to sell your materials??? Let me know, thanks.
waiting
↧
General Discussion: Examination of Bluetooth credit card skimmer
There is a new article (very detailed) on Sparkfun.com:
https://learn.sparkfun.com/tutorials/gas-pump-skimmers
Definitely worth a read,
jaclaz
↧
Digital Forensics Job Vacancies: x2 Digital Forensic - Ass. £32-35K, Sr Ass. to £50K London
We are looking to speak to two levels of candidate for permanent vacancies in London (with travel).
The more junior role is at Associate level – so someone with 2-3 years of experience. Could be less experience for the right person.
With starting salary between £32-35K.
You will have experience in Digital Forensics and be familiar with DF tools e.g. Encase, FTK, XRY, Oxygen or similar. Probably have a degree (not essential). Have a good understanding of file formats, networks etc. This is not a pure graduate min. experience would be a year. Can come from any background but any commercial experience is a big plus.
For the Senior Associate level. 4+ years of experience. Experience in corporate investigations – so probably from a commercial vendor, Big4 etc.
You will have the experience asked for in Associate level but at a higher level, probably with more processing experience (Nuix or similar) and maybe more client facing experience. Base salary circa. £40-50 K.
↧
Digital Forensics Job Vacancies: Solutions Consultant - eDiscovery (Nuix)
Hi Nuix,
You may have seen my posts on this forum. I specialise in Digital Forensic and eDiscovery (and related vacancies Data, IT, Cyber, InfoSec) and would welcome supplying Nuix with suitable candidates.
Should you be able to accept support please do contact me.
Kindest regards
Craig
+44 (0) 207 0961200
craig@brimstone-consulting.com
↧
General Discussion: Boot a DD into a Virtual Machine with VirtualBox
jaclaz wrote:
What happens?
Or (alternatively) post the .vmdk descriptor file you are using and I will try and see if I can find if there is anything wrong with it.
jaclaz, thank you for the suggestion. I am traveling through client sites this week. I will try this when I get back and let you know.
↧
Forensic Software: Using Foremost in Kali Linux to recover .MP4
Yes I have a lot of fragmented files or at least what appears to be... but they are all 2 seconds, some sound like repeats and I do not see videos with that, some also sound like parts of two videos? any suggestions?
↧
Digital Forensics Job Vacancies: Forensics position in Dallas/Richardson, Texas
#DFIR Forensics position in Dallas/Richardson, Texas. Looking for a motivated individual who wants to help out great team get to the next level. Lots of opportunity. Contact me for details.
We want smart people who can grow and learn and are not afraid of challenges.
Threat hunting, big data security analytics, reverse engineering, etc
↧
General Discussion: Informix FC7 Database File Analysis
Hello all,
I have a 54 gigabyte "Informix Dynamic Server 2000 Version 9.21.FC7" file which was restored from a backup tape I need to analyze and report on.
I opened the FC7 file in FTK Imager and could see the following text:
"Archive Backup Tape
Informix Dynamic Server 2000 Version 9.21.FC7
Fri Oct 3 18:48:25 2003
informix/dev/pts/tf..../dev/rmt/c4t5d0BEST"
The data within the FC7 file seems to be encrypted as I could not see English text or numbers throughout the FC7 file when viewed using a hex viewer; this is speculation on my part.
ANALYSIS ATTEMPTS:
1) I purchased RazorSQL (http://razorsql.com/) for $99.00 which advertises itself as being Informix compatible (http://razorsql.com/features/informix_features.html) but RazorSQL could not open the 54 GB FC7 file (error message given was "file too large to open").
I have not contacted RazorSQL yet for support or advice.
2) I processed the 54 GB FC7 file using GetData's Forensic Explorer, but FEX could not view the contents at all of the FC7 file.
3) I downloaded and installed several IBM Informix tools (Dev kit, etc.) but I could not figure out how to use one of the IBM provided tools to open the FC7 file.
QUESTIONS:
Please recommend an analysis tool which can open a 54GB Informix FC7 file from 2003.
The backup tape containing the FC7 file is all that remains of the organization which created the FC7 file, so the only evidence available to analyze or process is the FC7 file itself.
Many thanks for your advice and guidance.
↧
Forensic Software: Using Foremost in Kali Linux to recover .MP4
Are you still using the original memory chip?
Has anything been written to card, such as a recovery program trying to undelete?
Would it be possible to ftp me an image of the memory chip? I have a site that I can give you an account for. Please contact me directly if you would like that option.
↧
Digital Forensics Job Vacancies: Forensics position in Dallas/Richardson, Texas
I am interested, can you share the details to contact.
↧
General Discussion: Informix FC7 Database File Analysis
Can you post the hex header of the file?
↧
Digital Forensics Job Vacancies: Forensic Technology Leader (in-house) - London
Client:
Our client is a global law firm, looking for a leader to build up a forensic technology arm to their thriving legal and forensic accounting practice.
Responsibilities:
* Developing a road-map for the firm's Forensic Technology capability over the next three years and lead the implementation of the agreed plan.
* Utilise a wide range of forensic tools to access, extract and analyse data from phones, mobile devices, computers and storage media, developing bespoke solutions as required.
* Co-ordinating closely with colleagues within and across teams to manage the delivery of client requirements.
* Be service-oriented to meet client deadlines, including working out of business hours when necessary.
Ideal Candidate:
* Minimum 2.1 degree, preferably in Computer Science or another technical field
* Preferably ACA / Chartered Accountant
Salary £100,000 - £150,000 per annum
To view this job in more detail and to apply please click here or follow the link below
https://www.cybersecurityjobsite.com/job/5101804/forensic-technology-leader-in-house-/
↧
Digital Forensics Job Vacancies: Incident Response & Forensics Consultant - Guildford, Surrey
My client, a dynamic Tier 1 Investment Bank, is currently recruiting for an Incident Response & Forensics Consultant to join their growing team in Surrey. You will be responsible for investigating and determining the root causes of security events or incidents and be able to identify and mitigate/reduce risks to the Bank.
The successful candidate will preferably have a background in Forensics but candidates with highly technical backgrounds and those who have worked with Windows Linux who are able to demonstrate an interest in forensics may also be successful.
Responsibilities:
Working with Legal and Compliance teams to address cyber forensics
Investigating a variety of matters which are information security related
Assisting in investigations for our existing stakeholders by forensically preserving and analysing digital evidence and presenting the findings
Researching to keep knowledge on threats and methodologies up to date
Analyse the system and ensure it is prepared for the threat of hackers and other threats
Carry out deep dives on laptops when required
Use good networking and communication skills to manage a large enterprise to enable the candidate to find the right person at the right time in the case of a threat or investigation
Skills Required:
EnCE (Encase Certified Examiner) or CFCE (The International Association of Computer Investigative - Specialist)
Advanced Level Knowledge in Cyber Forensics
Evaluate and initiate the processing of Cyber Forensic Investigations
Can develop strategies to improve efficiency and consistency of service delivery
Ability to write reports and statements in clear, unambiguous language
Presentation of professional witness testimony at court, tribunal or disciplinary hearing
Mobile Device Experience
Memory Forensic Analysis Experience
Mac Forensic Experience
Programming skills primarily Python or Enscript
Linux/Unix/Solaris experience
To view this role in more detail and to apply please click here or follow the link below
https://www.cybersecurityjobsite.com/job/5101837/incident-response-and-forensics-consultant/
↧
Digital Forensics Job Vacancies: Incident Response & Forensics Consultant - Amsterdam
Incident Response & Forensics Consultant (ICS/SCADA)
One of my clients who are a major cybersecurity player within the Industrial Automation and Control Systems (IACS) and established leader in industrial control systems security based in Amsterdam is currently recruiting for a talented Incident Response & Forensics Consultant with strong experience in critical infrastructure sectors. Your main responsibility will be helping businesses of all sizes transform the way they manage their critical infrastructures and protect their assets from security risks.
You will be working with some of the industry's most well-known professionals on a peer level and have exposure to a variety of projects in a number of cyber security disciplines.
Responsibilities:
Leveraging triage skills and a variety of Digital Forensic and Threat Analysis tools when responding to client incidents
Providing our clients with ongoing support post-incident and providing detailed briefings and reports to executive leadership
Assessing intrusion signatures, tactics, techniques, and procedures associated with sophisticated cyber breaches
Perform host and/or network-based forensics across ICS/SCADA systems
Conduct red-team, penetration testing activities by leveraging actual adversary TTPs
Assess and develop information security and incident response programs in a proactive fashion to help mature the security posture of organizations prior to an incident
Lead incident response and proactive engagements
Produce high-quality written and verbal reports, presentations, recommendations, and findings to customer management
Demonstrate industry thought leadership through blog posts, conferences, and other public speaking events
Manage internal programs or teams.
Skills Required:
Experience conducting or managing incident response investigations for organizations, investigating targeted threats
Experience leading client engagements and investigations
Experience with operational technologies such as Remote Terminal Units (RTUs),
Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS) and SIS
Fundamental understanding of IT and OT network communication protocols (For example: TCP/IP, UDP, OPC, IEC 101/104, Modbus, IEC 61850, WirelessHART, ISA100 etc.)
Background in a CNI domain, eg transport, energy, utilities, defence or other heavy industry.
Qualifications Desired:
5-10 years of Digital Forensics or Host-based Forensic Analysis Experience
Excellent consulting and communication skills
Good interpersonal skills and a professional image
Contributing thought leader within the incident response industry
Ability to foster a positive work environment and attitude.
Ability and willingness to travel
OSCP/OSCE, or GCFA, GREM certification
Bachelor’s or Master’s degree in Computer Engineering, Electrical Engineering, Computer Science or a related technical field
My client is offering a fantastic salary + bonus + benefits and also a relocation package for any international applications.
Dutch speaking candidates are a plus but all work is conducted in English.
This is a permanent position with no travel expectation however local client visits might be needed occasionally.
To view the role in more detail please click here or follow the link below
https://www.cybersecurityjobsite.com/job/5101827/incident-response-and-forensics-consultant-/
↧
Digital Forensics Job Vacancies: Computer Forensics Consultant - Paris
Job Title: Computer Forensic Consultant
Location: Paris
At least 3+ years' experience working in the digital forensics field (law enforcement and/or private sector). The ideal candidate will be bilingual (French & English).
With a strong background as a digital forensics practitioner, you will be well versed in digital forensic laboratory practices and procedures. Moreover you will be able to manage multiple concurrent computer and mobile device projects with minimal supervision.
Hold at least a University Degree - educated in computer science/cyber security/digital forensics related field.
Knowledge and awareness with ACPO, PACE, data protection laws, RIPA and legislation involving technology.
Broad knowledge of computer hardware and software.
Experience of search & seizure, civil search orders, client site attendance, working in covert operations and hostile environments.
Experience of client facing role and scoping small and large scale investigations from point of seizure to close of case.
Experience of international client facing work and performing IT forensic duties in the field.
Marketing and Business Development ie authoring external articles, delivering presentations to corporates or potential clients to promote DFG service lines.
Experience of delivering technical training and mentoring junior team members in evidence handling and digital forensic procedures.
Experience and understanding of forensic tool validation testing, exhibit store maintenance, UKAS/ISO requirements/maintenance, running a computer forensic laboratory.
Experience Summary:
Overseeing multiple projects encompassing various responsibilities, including: providing oversight of the engagement strategy/approach; collaborate to plan the engagement; manage expectations of service; overseeing client deliverables; preparing final reports and testimony; ensuring that the work product meets the client's needs; and assuming responsibility for engagement economics to achieve revenue goals. Successfully manage to the budget.
Expert Witness:
Training from Bond Solon or government related training in expert witness/court reporting. Experience of writing technical reports and witness statements.
Experience of court reporting or providing expert witness testimony or witness of fact. Understanding of court system and types of courts i.e. Magistrates, Crown, High Court.
Mobile Device Forensics:
Experience of SIM card and Handset/Tablet/GPS involving forensic acquisition, analysis, and verification.
Examining Apple and BlackBerry related products and backups.
Experience in using any of UFED, XRY, OFS, MPE, Flasher Boxes, and USIM Detective.
Computer Forensics:
Experience of using industry standard tools ie EnCase, FTK, FTK Imager, Solo, Tableau, Live Boot CD's, IEF, MacQuisition, NUIX, Password Cracking tools.
Live and Dead forensic acquisition forensic techniques.
Investigative analysis of computers/servers (RAID, Virtual Machines).
Sound knowledge of Windows, UNIX, Linux based OS and Filesystems.
The range of email types and forensic capture knowledge and experience ie pst, ost, edb, nsf.
Knowledge of server topology and range of server backup software/hardware including extraction, cataloguing.
Additional Requirements and Role:
eDisclosure and EDRM exposure/experience would be beneficial.
Commit to developing knowledge. Use technology to continually learn, share knowledge with team members, and enhance service delivery. Maintain an educational program to continually develop skills (both your own and the wider team). Stay informed of the current legal, regulatory and business/economic developments relevant to the client's industry.
You demonstrate ability to develop detailed work plans and prioritization of projects, experience managing multiple projects, providing direction and supervision to team members, conducting project progress meetings with clients.
The successful candidate must also be willing and able to travel, in some cases for extended periods and at short notice.
You have excellent written and verbal communication as well as presentation skills.
Develop and maintain long-term relationships with key business decision makers and networks. You'll lead presentations and proposals for complex projects or elements of highly complex projects, and provide subject matter insight to bids and proposals. Drawing on your skills and experience, you'll create innovative commercial insights for clients, adapt methods and practices to fit operational team and cultural needs, and contribute to thought leadership.
To view this job in more detail please click here or follow the link below
https://www.cybersecurityjobsite.com/job/5101806/computer-forensics-consultant-paris-/
↧
Digital Forensics Job Vacancies: eDiscovery Manager / Forensic, Banking - London
We are seeking to appoint a project manager in our London office and are looking for someone with strong experience in the financial services industry.
Please note you must have:
* Strong project management capabilities/skills
* Strong client facing/management skills
* Experience with forecasting, MI and dashboard reporting
* Expert level skills in the use of Excel (Lookups formulas, chart, macros, etc), or similar program
The following experience will be extremely helpful:
1. E-discovery/eDisclosure experience with database systems and data processing
2. Understanding of voice data extraction, processing and review management
3. Running searches, managing, and analyzing large quantities of data on a review platform
4. Experience with interest rate hedging products or variable corporate loan products within the financial services industry
5. Experience with secured financing transactions or debt structuring
6. General transaction structuring, execution management and business unit support
7. A legal or accounting background would be helpful; undergraduate degree in finance/accounting/law or similar will be considered
If you would like to view this job in more details and to apply please click here or follow the link below
https://www.cybersecurityjobsite.com/job/5101803/ediscovery-manager-forensic-banking/
↧
General Discussion: Boot a DD into a Virtual Machine with VirtualBox
Good, in the meantime I could do a few more experiments, with interesting results.
The VirtualBox parser (at least in the version I have) is "queer".
You don't really *need* most of the fields that the tools (originally made and surely working with VMWare) actually produce.
The bare minimum is as follows:
Quote::
# Disk DescriptorFile
version=1
createType=
RW <size in sectors> FLAT "<filename>" 0
ddb.uuid.image="<UUID>"
Just for the fun of it I made a small batch to create both the "minimal" and the "canonical" version.
Code::
@ECHO OFF
SETLOCAL ENABLEEXTENSIONS ENABLEDELAYEDEXPANSION
IF %1.==. GOTO :Error
SET SRFull="%~dpnx1"
IF NOT EXIST %SRFull% GOTO :Error
SET SRName="%~nx1"
SET SRPath=%~dp1
::get size of Source in bytes
SET SRSize=%~z1
::get size of Source in 512 bytes sectors
CALL :to_sectors %SRSize%
::make a NOT really random 16 bytes string to be used as CID and as ddb.uuid.image
SET HexChar=0123456789ABCDEFF
SET Rand8=
FOR /L %%A IN (1,1,32) DO (
SET /a _rand=!RANDOM! %% 17
CALL :to_hexchar
SET Rand8=!Rand8!!_rand!)
SET ddb.uuid.image="%Rand8:~0,8%-%Rand8:~8,4%-%Rand8:~12,4%-%Rand8:~16,4%-%Rand8:~20,12%"
SET CID=%Rand8:~1,2%%Rand8:~5,2%%Rand8:~9,2%%Rand8:~13,2%
:: Now the fun part, the parser of VirtualBox requires only a small subset of the data that
:: is normally in a .vmdk descriptor file and in any case there is no need of setting the geometry
:: and other ddb. fields apart from the ddb.uuid.image
:: So, the following allows to change from the "canonical" version to the shorter one, UNREM
:: the one that you choose
CALL :canonical
REM CALL :minimal
GOTO :EOF
:canonical
ECHO # Disk DescriptorFile
ECHO version=1
SET CID
ECHO parentCID=ffffffff
ECHO createType="monolithicFlat"
ECHO.
ECHO # Extent description
ECHO RW %SRSizeBlocks% FLAT %SRName% 0
ECHO.
ECHO # The disk Data Base
ECHO #DDB
ECHO.
ECHO ddb.virtualHWVersion = "4"
ECHO ddb.adapterType="ide"
SET ddb.uuid.image
ECHO ddb.uuid.parent="00000000-0000-0000-0000-000000000000"
ECHO ddb.uuid.modification="00000000-0000-0000-0000-000000000000"
ECHO ddb.uuid.parentmodification="00000000-0000-0000-0000-000000000000"
GOTO :EOF
:minimal
ECHO # Disk DescriptorFile
ECHO version=1
ECHO createType=
ECHO RW %SRSizeBlocks% FLAT %SRName% 0
SET ddb.uuid.image
GOTO :EOF
:to_sectors
SET Number=%1
FOR /L %%B IN (1,1,9) DO (
CALL :divideby2
IF "0"=="!Result:~0,1!" SET Result=!Result:~1!
IF NOT DEFINED Result SET Result=0
SET Number=!Result!)
SET SRSizeBlocks=%Result%
GOTO :EOF
:divideby2
SET Result=
::Get length of number
FOR /L %%A IN (14,-1,1) DO (
SET Part=!Number:~0,%%A!
IF !Part!==%Number% SET Length=%%A)
SET Carry=0
FOR /L %%A IN (0,1,%Length%) DO (
IF %%A==%Length% GOTO :EOF
SET /A digit=10*!Carry!+!Number:~%%A,1!
SET /A divdigit=!digit!/2
SET /A Carry=!digit!-!divdigit!-!divdigit!
SET Result=!Result!!divdigit!)
GOTO :EOF
:to_hexchar
SET _rand=!HexChar:~%_rand%,1!
GOTO :EOF
:Error
ECHO DOn't you like when all you get is:
ECHO an Error occurred!
PAUSE
GOTO :EOF
Virtualbox generates the ddb.geometry fields on its own, and as well once mounted it adds some of the other fields.
It is very possible that VmWare actually *needs* some of the fields I omitted, though.
jaclaz
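Added example, not part of the original post or of VirtualBox: Python that builds the minimal descriptor layout described above for a raw image and checks an existing descriptor against that image, flagging a sector count that no longer matches the file size or a missing ddb.uuid.image. The function names, the file name evidence.dd and the sample sizes are assumptions made for illustration; the 512-byte sector size is the one the batch file above uses.

```python
import re
import uuid

SECTOR = 512  # same sector size the batch file above assumes

# Extent line: access mode, size in sectors, type, quoted file name, offset.
EXTENT_RE = re.compile(
    r'^(RW|RDONLY|NOACCESS)\s+(\d+)\s+(\w+)\s+"([^"]*)"(?:\s+(\d+))?$')
# key=value line; the value may be quoted, unquoted or empty (createType=).
FIELD_RE = re.compile(r'^([\w.]+)\s*=\s*"?([^"]*)"?$')


def build_minimal_descriptor(image_name, image_size, image_uuid=None):
    """Return the minimal descriptor text for a raw image of image_size bytes."""
    image_uuid = image_uuid or str(uuid.uuid4())
    return "\n".join([
        "# Disk DescriptorFile",
        "version=1",
        "createType=",
        f'RW {image_size // SECTOR} FLAT "{image_name}" 0',
        f'ddb.uuid.image="{image_uuid}"',
    ]) + "\n"


def parse_descriptor(text):
    """Split descriptor text into (fields dict, list of extent dicts)."""
    fields, extents = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = EXTENT_RE.match(line)
        if m:
            extents.append({"access": m.group(1), "sectors": int(m.group(2)),
                            "type": m.group(3), "file": m.group(4)})
            continue
        m = FIELD_RE.match(line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields, extents


def check_descriptor(text, image_name, image_size):
    """Return a list of problems found when pairing a descriptor with an image."""
    fields, extents = parse_descriptor(text)
    problems = []
    if len(extents) != 1:
        problems.append(f"expected 1 extent line, found {len(extents)}")
    else:
        ext = extents[0]
        if ext["file"] != image_name:
            problems.append(f'extent names "{ext["file"]}", not "{image_name}"')
        if ext["sectors"] != image_size // SECTOR:
            problems.append(f'extent has {ext["sectors"]} sectors, image has '
                            f"{image_size // SECTOR}")
    if image_size % SECTOR:
        problems.append(f"image has {image_size % SECTOR} trailing bytes "
                        "beyond the last whole sector")
    try:
        uuid.UUID(fields.get("ddb.uuid.image", ""))
    except ValueError:
        problems.append("ddb.uuid.image missing or not a UUID")
    return problems


if __name__ == "__main__":
    # Constructed sample: a 1 MiB image called evidence.dd.
    text = build_minimal_descriptor("evidence.dd", 2048 * SECTOR)
    print(text, end="")
    print(check_descriptor(text, "evidence.dd", 2048 * SECTOR))
```

Running the check before booting a working copy catches a descriptor that was written for a different or truncated image.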
↧
Mobile Phone Forensics: Encrypted itunes backup.
It appears that even a user/owner that has forgotten the encryption password cannot deactivate this feature in iTunes without setting up a new account. Can anyone confirm this is a permanent option?
Has anyone tested connecting the iPhone device to a new valid iTunes account and making a new backup with no encryption?
I have read on non-forensic forums that it does not alter the phone data but does lock the user/owner out of accessing iTunes purchases when they switch back to the original account.
This is on an iPhone 6+ running iOS 10.3.3.
↧
Mobile Phone Forensics: A11 Bionic Chip-off
A11 Bionic contains all sub-integrated circuits. Who did already chip-off A10? Pls PM me only.
↧