Job Description
The position provides global investigative expertise for Global Corporate Security Operations by conducting and managing complex and "high-profile" investigations of threats, data breaches and communications fraud activities affecting customers and the company as a whole. This involves technical, analytical, reporting and investigative skill sets to research and data mine various internal and external sources, systems and databases in order to obtain the evidence necessary for mitigation/vulnerability closure and/or law enforcement referral. The position works extensively with law enforcement to bring criminal activity against the company and its customers to a resolution. The position also performs risk/threat assessments for newly identified network/system vulnerabilities and for new company projects and initiatives in which Global Corporate Security Operations has an interest.
Duties and Responsibilities:
• Conduct global investigations surrounding major breaches of Customer Proprietary Network Information (CPNI), Sensitive Personal Information (SPI), Payment Card Industry (PCI), Personal Health Information (PHI), Personally Identifiable Information (PII) and proprietary sensitive company information. Refer trends and major breaches of customer and company information to law enforcement for further investigation and prosecution support.
• Conduct global investigations surrounding major communications fraud trends which can involve domestic and international individuals and organized crime rings that target Telecommunication and its customers resulting in significant financial losses to the company. Refer trends and major communications fraud investigations to law enforcement for further investigation and prosecution support.
• Investigative techniques include, but are not limited to, gathering raw data and evidence, applying conditions, performing analysis, rationalizing results, drawing conclusions, making recommendations, and preparing comprehensive and level-appropriate reports. Investigative reports are summarized for Management and law enforcement referral. Participation in investigative interviews is also required.
• Coordinate the collection and preservation of IT systems and/or applications logs from which the suspect activity is originating for investigative evidentiary purposes. Once collected and preserved, perform an investigative review to identify the source of compromise and/or how the fraud occurred, vulnerabilities and/or risks exposed, customers impacted and/or information compromised.
• Technical expertise on IT systems and processes to identify and recommend technical solutions and process/policy improvements for risks and vulnerabilities identified throughout the course of investigations. This will often require coordination with various departments within Telecommunication in order to accomplish tasks and goals established by Management.
• Proficient in the use of Regular Expressions.
• Proficient in the use of Excel (pivot tables).
• Strong understanding of IP networks.
• Background in incident response and network forensics.
• Technical expertise and experience in writing SQL queries against the company's data warehouse and fraud detection systems for fraud trending and evidentiary findings.
• Play an active role in Telecommunication's Computer Incident Response Team (CIRT) where Corporate Cyber Security has a need, or interest, to participate in order to fully understand the problem at hand, often requiring investigative actions, to make recommendations on appropriate courses of action and to advise Corporate Cyber Security Management of the situation.
• Become Corporate Cyber Security's representative and liaison to various departments on new projects and initiatives the business is moving forward on. This entails the review of project requirements, timelines, identifying risks and exposures and recommending physical and technical security enhancements and/or alternative methods to ensure Telecommunication is protected in the future.
• Coordinate with Legal, Privacy, Information Security, Network Security, Fraud Governance, IT, Revenue Assurance and any other department for major data breaches and significant communications fraud trends. This is to ensure risks and vulnerabilities identified throughout the course of investigations are mitigated and resolved quickly.
• Comply with State and Federal regulations and report major data breaches of CPNI, SPI, PCI and PHI within a specified timeframe as required by law and as directed by Privacy and Legal. Prior to this reporting, extensive data collection and analysis is performed and presented to Privacy and Legal for review and breach determination.
• Become Telecommunication's representative and liaison with law enforcement on investigations and criminal matters against the Company and its customers.
• Perform other investigative and analytical duties as assigned by Management.
• BA/BS degree, or equivalent work experience preferred.
• 2-3 years of Legal/Investigations or equivalent work experience.
• 2-3 years of IT Security/Cyber Investigations or equivalent work experience.
• 2-3 years of experience conducting investigative interviews with internal/external suspects.
• 1 year of experience in writing and executing queries (Example: SQL).
• Certifications: GISF, CISSP, CISM, CRISC, CFE
• Civil or criminal litigation support experience and familiarity with law enforcement practices are preferred.
• Exceptional analytical, statistical reporting and research skills are essential in order to conduct Investigations/projects.
• Previous experience with billing and point of sale systems.
• Demonstrated proficiency with MS Office Suite (Word, Excel, Access, PowerPoint, Outlook).
• Superior written and verbal communications skills.
• Diplomacy in dealing with Company personnel.
• Demonstrated ability to handle sensitive and confidential information and matters is essential.
• Strong project management skills with proven track record of managing complex projects from inception to completion.
• Additional effort/hours required as needed/requested.
• Strong ability to assess and respond to internal and external security issues and customer demands.
• Highly developed analytical reasoning skills.
• Self-starter with the ability to make independent decisions and the judgment to know when to seek guidance.
• Ability to prioritize multiple responsibilities and process high volumes of work in a timely and accurate manner.
• Must be able to operate in a fast-paced environment with a sense of urgency and attention to detail.