Network Forensic Analyst

What you’ll be doing:  

The Incident Response and Network Forensic Analyst is a key member of the Information Security team and is responsible for the design, implementation and oversight of incident response and forensic analysis security solutions within Zappos. 

This individual contributor position requires a strategic thinker with a broad understanding of Zappos's culture and business processes. This position also requires strong collaboration skills, detailed working knowledge of current and emerging incident and forensic security technologies and familiarity with implementing incident response and forensic security solutions for a complex business environment. The Incident Response and Network Forensic Analyst must be highly knowledgeable about the technical infrastructure on the Zappos network and will ensure that information systems are proactively deployed in a fully functional, secure manner.

What you’ll bring to the table: 

  • Testing and evaluating Incident Response and Forensics Products
  • Triage and lead escalated Security events and incidents
  • Defining incident response policies and procedures that support business needs 
  • Defining forensic investigation policies and procedures that support business needs
  • Participating in the design, management and implementation of Zappos's security infrastructure
  • Researching and recommending emerging security technologies and tools to address current and future threats
  • Lead and manage security incidents to ensure timely mitigation and remediation efforts are completed
  • Participate in forensic investigations as required, including the collection and preservation of electronic evidence, analysis, and creation of a final report
  • Preserve and forensically analyze data from electronic data sources, including laptop and desktop computers, servers, and mobile devices
  • Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy
  • Assist with intrusion remediation and strategy development and implementation
  • Recommend effective process changes to enhance defense and response procedures
  • Ensure effective vulnerability scanning of the network infrastructure
  • Effectively respond to events and incidents relating to computer security vulnerabilities, malware, and forensic investigations
  • Performing Network Penetration Testing services
  • Providing security consultation on projects as subject matter expert to identify and manage risks
  • Mentoring junior members of the Information Security Team 

Qualifications: 

  • 3-5 years of professional IT Security Incident Response/Forensics/Network Penetration Testing experience
  • Proven success with incident response program design and implementation
  • Strong experience with the practical and operational side of Information Security
  • Proven experience with information security best practices
  • Proven experience with System/Application vulnerabilities and exploitation
  • Proven experience with malware analysis (dynamic and static)
  • Strong interpersonal, written, and oral communication skills
  • Highly self-motivated and self-directed professional, with keen attention to detail
  • Excellent analytical, problem-solving and decision-making abilities
  • Able to effectively prioritize tasks in a high-pressure environment
  • Deep knowledge of network and web related protocols (specifically how they are deployed at Zappos)
  • Strong customer service and solution-focused mindset
  • Can function well in a team-oriented, collaborative environment with the ability to work independently
  • One or more certifications including: CFCE – Certified Forensic Computer Examiner; GCFE – GIAC Certified Forensic Examiner; OSCP – Offensive Security Certified Professional; GCIA – GIAC Certified Intrusion Analyst; CFE – Certified Fraud Examiner; CISSP – Certified Information Systems Security Professional, or similar certifications
