GPS Manufacturer/Distributor

We are seeking a full-time Digital Forensics and Incident Response Engineer for our headquarters in the greater Kansas City area.  

This individual will lead and be held responsible for conducting highly sensitive, complex, investigations into cyber incidents, systems compromise, data loss, and other types of cyber incidents. Completes threat modeling assessments and uses threat intelligence resources to minimize risks/threats to Garmin.  This individual will work extensively wiht Garmin’s cyber forensics programs associated with computer, network, and malware forensic investigations.

ESSENTIAL FUNCTIONS:

• 
  

  Conduct host and network forensics, log analysis, and malware analysis in support of incident response investigations affecting a variety of operating systems

  
  


• 
  

  Conduct threat modeling, interdependency modeling and threat analysis in a large-scale computing/networking environment (e.g. large enterprise, cloud computing, wireless environments)

  
  


• 
  

  Perform cyber threat research using OSINT, incident response engagement data, and proprietary tools telemetry; conduct threat modeling, and produce intelligence threat assessments

  
  


• 
  

  Maintain and drive the development of new reports of Cyber Threat Intelligence analysis to peers and management for purposes of making actionable threat intelligence products

  
  


• 
  

  Identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on creating custom signatures such as Sigma and Yara rules for detection and remediation

  
  


• 
  

  Work with the team to define and drive a cohesive security strategy around internal and external investigations and enforcement that can be communicated both internally to associates and externally

  
  


• 
  

  Recognize and organize attacker tools, tactics, and procedures (TTPs) and indicators of compromise (IOCs) that can be applied to current and future investigations

  
  

OTHER RESPONSIBILITIES:

• 
  

  Liaise with architects and security practitioners to share best practices and insights

  
  


• 
  

  Provide security guidance to engineering and operations teams to help them meet Information Security requirements

  
  


• 
  

  Perform other duties as necessary

  
  

EDUCATION EXPERIENCE AND SKILLS REQUIRED:

• 
  

  Bachelor of Science Degree in Computer Science, Information Technology, Management Information Systems, Business or another relevant field AND a minimum of 6 years relevant experience OR a Master of Science Degree in one of the fields noted above AND a minimum of 2 years relevant experience

  
  


• 
  

  Experience using forensics tools such as EnCase, FTK, SleuthKit, Volatility, etc

  
  


• 
  

  Experience in network, host and memory forensics (including live response) for Windows, OSX, and Linux

  
  


• 
  

  In depth, hands-on understanding of application architectures and technology across all domains (including web applications, mobile technology, identity and access management)

  
  


• 
  

  Proficiency with various methods of vulnerability assessment including vulnerability scanners, password crackers, network protocol attacks

  
  


• 
  

  Demonstrated proficiency with Python or Ruby programming language

  
  


• 
  

  Must be team-oriented, possess a positive attitude and work well with others

  
  


• 
  

  Driven problem solver with proven success in solving difficult problems

  
  

DESIRABLE QUALIFICATIONS:

• 
  

  CISSP

  
  


• 
  

  SANS – GREM, GCFA, GNFA

  
  

Garmin International is an equal opportunity employer.  Qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, veteran’s status, age or disability.