Conduct IR investigations in compromises, fraud, embezzlement, extortion, theft of intellectual property, identity theft, and corporate espionage. Evaluate and improve the effectiveness of IR policies and programs in use.
Perform forensic analysis and technical investigations involving forensic duplication of electronic media, custom script development, software and malware analysis, researching specialty software and creation of custom tools. Provide civil and criminal litigation support by collecting, reducing, searching and producing e-discovery evidence for use by legal counsel.
Engage vulnerability assessments and penetration testing in a variety of technical environments. Assessment engagements include reviews of technical architecture, external network vulnerability, firewall rule sets, VPNs, wireless networks, phone system vulnerabilities, web application vulnerability, physical pen testing, host configurations, internal network vulnerability, social engineering, source code, mobile devices, mobile applications and commercial software products. Also perform security program, policy and procedure reviews against industry regulations such as PCI and GLB.