Digital Forensic Examiner and Incident Responder

Accelerate your career. Join the organization thats driving the worlds technology and shape the future.

Ingram Micro is a leading technology company for the global information technology ecosystem. With the ability to reach nearly 90% of the global population we play a vital role in the worldwide IT sales channel bringing products and services from technology manufacturers and cloud providers to business-to-business technology experts. Our market reach diverse solutions and services portfolio and digital platform Ingram Micro Xvantage set us apart. Learn more at

Come join our team where youll make technology happen in surprising ways. Lets shape tomorrow - itll be a fun journey!

ThePrincipalDigital Investigator will work within the Security Incident Response Team (SIRT) to assessanalyzeand respond toserious informationsecurity events and incidents in a global position requires relevant digital forensic certifications such as the EnCase Certified Examiner (EnCE) Magnet Axiom Certified Forensic Examiner Cellebrite Certified Mobile Examiner and position also requiressignificantexperiencein securing physical and digital evidence and performing forensic position will work with other information security teams as well as Information Systems teams to stop security events in progress investigate all aspects of an event and produce written reports.

Your role:

• Perform forensics on network host memory and other artifacts originating from multiple operating systems applications or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics Techniques and Procedures).

• Investigate incidentsleveragingforensics tools including Encase FTK X-Ways Axiom SIFT and the SIEM todeterminesource of compromises and malicious activity that occurred.

• Collect analyze assess anddisseminateinformation about cyber threats and potential attacks.

• Conduct human-driven proactive and iterative hunts through enterprise networks endpoints or datasets to detect malicious suspicious or risky activities that have evaded detection by existing tools.

• Participate withSecurityIncident Response Team (SIRT) in responding to active and time-sensitive threats including communications and coordination across different teams.

• Maintaining proper chain of custody of evidence and associated documentation

• Testifying in court Grand Jury or other legal proceedings through testimony swornaffidavits or other legal instruments.

What you bring to the role:

• Bachelors degree in computer science Engineering Science Math or Cyber Security related field is required.
• Work Experience: Minimum 8 - 10 years functional experience including a minimum of 5 years directly related to this role in incident response and digital forensics.
• 3 years of strong hands-on experience in digital forensics examinations and/or investigations using the EnCase or AXIOM given for experience conducting MacOS examinations.
• 3 years of experience in law enforcement (deputized) investigations (fraud counterintelligence high-tech crimes etc.).
• 3 years of experience in interviewing after taking a Reid Technique class (or an equivalent).
• Advanced knowledge and understanding in various disciplines such as security engineering system and network security authentication and security protocols cryptography and application security.
• Experience with cloud services.

• Strong understanding of vulnerabilities common attack vectorsand hasattacker mindset: ability to think about creative threats and attack vectors.

• Strong communication(i.e. written and verbal) presentation teamworkskillsand resourcefulness.

• Deep understanding ofinternalsand constructs of modern operating systems.(Windows/MacOS/Linux/Unix)

• Experience with EnCase FTK X-Ways Axiom SIFT Splunk Elastic Stack Redline VolatilityWireSharkTCPDump andopen-sourceforensic tools.
• Experience with eDiscovery processes and the Relativity One platform

• Relevant security certifications (EnCEMCFE CFCE CCME CCO CCPA GNFA GCFA).
• Provide three current work references & pass a criminal background check
• Pass a proficiency exam related to the role

#LI-RT1

The ranges above reflect the potential annual base pay across the U.S. for all roles; the applicable base pay range will depend on the candidates primary work location pay grade and variable compensation plan. Individual base pay within each range depends on various factors in addition to primary work location such as complexity and responsibility of role job duties/requirements and relevant experience and skills. Base pay ranges are reviewed and typically updated each year. Offers are made within the base pay range applicable at the time of hire. New hires starting base pay generally falls in the bottom half (between the minimum and midpoint) of a pay range.

At Ingram Micro certain roles are eligible for additional rewards including merit increases annual bonus or sales incentives and long-term incentives. These awards are allocated based on position level and individual performance. U.S.-based employees have access to healthcare benefits paid time off parental leave a 401(k) plan and company match short-term and long-term disability coverage basic life insurance and wellbeing benefits among others.

This is not a complete listing of the job duties. Its a representation of the things you will be doing and you may not perform all these duties.

Please be prepared to pass a drug test and successfully pass a pre-employment (post offer) background check.

Ingram Micro Inc. is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color religion gender gender identity or expression sexual orientation national origin genetics disability age veteran status or any other protected category under applicable law.