[Remote] Digital Forensic Examiner and Incident Responder
Note: The job is a remote job and is open to candidates in USA. Ingram Micro is a leading technology company for the global information technology ecosystem. The Principal Digital Investigator will work within the Security Incident Response Team to assess, analyze, and respond to serious information security events and incidents, requiring expertise in digital forensics and incident response.
Responsibilities
ā¢ Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics, Techniques, and Procedures)
ā¢ Investigate incidents leveraging forensics tools including Encase, FTK, X-Ways, Axiom, SIFT, and the SIEM to determine source of compromises and malicious activity that occurred
ā¢ Collect, analyze, assess, and disseminate information about cyber threats and potential attacks
ā¢ Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools
ā¢ Participate with Security Incident Response Team (SIRT) in responding to active and time-sensitive threats including communications and coordination across different teams
ā¢ Maintaining proper chain of custody of evidence and associated documentation
ā¢ Testifying in court, Grand Jury, or other legal proceedings through testimony, sworn affidavits, or other legal instruments
Skills
ā¢ Bachelor's degree in computer science, Engineering, Science, Math or Cyber Security related field is required
ā¢ Minimum 8 - 10 years functional experience including a minimum of 5+ years directly related to this role in incident response and digital forensics
ā¢ 3+ years of strong hands-on experience in digital forensics examinations and/or investigations using the EnCase or AXIOM tools
ā¢ 3+ years of experience in law enforcement (deputized) investigations (fraud, counterintelligence, high-tech crimes, etc.)
ā¢ 3+ years of experience in interviewing after taking a Reid Technique class (or an equivalent)
ā¢ Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security
ā¢ Experience with cloud services
ā¢ Strong understanding of vulnerabilities, common attack vectors and has attacker mindset: ability to think about creative threats and attack vectors
ā¢ Strong communication (i.e., written and verbal), presentation, teamwork skills and resourcefulness
ā¢ Deep understanding of internals and constructs of modern operating systems. (Windows/MacOS/Linux/Unix)
ā¢ Experience with EnCase, FTK, X-Ways, Axiom, SIFT, Splunk, Elastic Stack, Redline, Volatility, WireShark, TCPDump, and open-source forensic tools
ā¢ Experience with eDiscovery processes and the Relativity One platform
ā¢ Relevant security certifications (EnCE, MCFE, CFCE, CCME, CCO, CCPA, GNFA, GCFA)
ā¢ Provide three current work references & pass a criminal background check
ā¢ Pass a proficiency exam related to the role
ā¢ Preference given for experience conducting MacOS examinations
Benefits
ā¢ Healthcare benefits
ā¢ Paid time off
ā¢ Parental leave
ā¢ A 401(k) plan and company match
ā¢ Short-term and long-term disability coverage
ā¢ Basic life insurance
ā¢ Wellbeing benefits
Company Overview
ā¢ Ingram Micro is a provider of technology products and supply chain management services. It was founded in 1979, and is headquartered in Irvine, California, USA, with a workforce of 10001+ employees. Its website is https://corp.ingrammicro.com.
Company H1B Sponsorship
ā¢ Ingram Micro has a track record of offering H1B sponsorships, with 78 in 2025, 76 in 2024, 51 in 2023, 54 in 2022, 52 in 2021, 50 in 2020. Please note that this does not guarantee sponsorship for this specific role.
Apply tot his job
Apply To this Job
Responsibilities
ā¢ Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics, Techniques, and Procedures)
ā¢ Investigate incidents leveraging forensics tools including Encase, FTK, X-Ways, Axiom, SIFT, and the SIEM to determine source of compromises and malicious activity that occurred
ā¢ Collect, analyze, assess, and disseminate information about cyber threats and potential attacks
ā¢ Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools
ā¢ Participate with Security Incident Response Team (SIRT) in responding to active and time-sensitive threats including communications and coordination across different teams
ā¢ Maintaining proper chain of custody of evidence and associated documentation
ā¢ Testifying in court, Grand Jury, or other legal proceedings through testimony, sworn affidavits, or other legal instruments
Skills
ā¢ Bachelor's degree in computer science, Engineering, Science, Math or Cyber Security related field is required
ā¢ Minimum 8 - 10 years functional experience including a minimum of 5+ years directly related to this role in incident response and digital forensics
ā¢ 3+ years of strong hands-on experience in digital forensics examinations and/or investigations using the EnCase or AXIOM tools
ā¢ 3+ years of experience in law enforcement (deputized) investigations (fraud, counterintelligence, high-tech crimes, etc.)
ā¢ 3+ years of experience in interviewing after taking a Reid Technique class (or an equivalent)
ā¢ Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security
ā¢ Experience with cloud services
ā¢ Strong understanding of vulnerabilities, common attack vectors and has attacker mindset: ability to think about creative threats and attack vectors
ā¢ Strong communication (i.e., written and verbal), presentation, teamwork skills and resourcefulness
ā¢ Deep understanding of internals and constructs of modern operating systems. (Windows/MacOS/Linux/Unix)
ā¢ Experience with EnCase, FTK, X-Ways, Axiom, SIFT, Splunk, Elastic Stack, Redline, Volatility, WireShark, TCPDump, and open-source forensic tools
ā¢ Experience with eDiscovery processes and the Relativity One platform
ā¢ Relevant security certifications (EnCE, MCFE, CFCE, CCME, CCO, CCPA, GNFA, GCFA)
ā¢ Provide three current work references & pass a criminal background check
ā¢ Pass a proficiency exam related to the role
ā¢ Preference given for experience conducting MacOS examinations
Benefits
ā¢ Healthcare benefits
ā¢ Paid time off
ā¢ Parental leave
ā¢ A 401(k) plan and company match
ā¢ Short-term and long-term disability coverage
ā¢ Basic life insurance
ā¢ Wellbeing benefits
Company Overview
ā¢ Ingram Micro is a provider of technology products and supply chain management services. It was founded in 1979, and is headquartered in Irvine, California, USA, with a workforce of 10001+ employees. Its website is https://corp.ingrammicro.com.
Company H1B Sponsorship
ā¢ Ingram Micro has a track record of offering H1B sponsorships, with 78 in 2025, 76 in 2024, 51 in 2023, 54 in 2022, 52 in 2021, 50 in 2020. Please note that this does not guarantee sponsorship for this specific role.
Apply tot his job
Apply To this Job