Principal/Digital Forensics, Incident Response & Cybersecurity (Forensic Services practice)

About Charles River Associates

CRA is a leading global consulting firm that provides independent economic and financial analysis behind litigation matters, guides businesses through critical strategy and operational issues to become more profitable, and advises governments on the economic impact of policies and regulations. Our two main services – economic and management consulting – are delivered by practice groups that focus on specific areas of expertise or industries. Click here to learn how CRA can help you  launch your career.

Position Overview

CRA’s  Forensic Services practice supports companies’ commitment to integrity by assisting them and their counsel in independently responding to allegations of fraud, waste, abuse, misconduct, and non-compliance. We are noted for deploying cross-trained teams of forensic professionals to assist our clients in gaining deeper insights and greater value more quickly. We provide accounting and forensic services as well as cybercrime investigation services.

As an experienced leader in the forensic & cyber investigations space, your responsibilities as a Principal may include (but are not limited to):

• Leading security and privacy investigations for CRA clients, in preparation of, and in response to, data security matters, which may include ongoing theft of trade secret investigations, cyber breach detection, threat analysis, incident response and malware analysis;
• Performing forensic analysis of digital information using standard computer forensics and evidence handling techniques and computer forensics tools;
• Serving as primary point of contact for clients with regard to all engagement activities;
• Supervising project team execution by leading quality assurance efforts and overseeing work product;
• Identifying opportunities and implementing improvements to increase the abilities of the digital forensic and incident response team;
• Maintaining effective relationships with local, state and federal law enforcement agencies to assist in criminal matters;
• Creating, leading, and maintaining leveraged team environment that is positioned for continued success and expansion by actively recruiting and retaining employees, and managing team morale;
• Participating in and leading business development efforts by building relationships with current and potential clients, drafting and presenting proposals, participating in pitches, and demonstrating firm capabilities to potential clients;
• Providing technical assessment/audit and guidance to clients on the adequacy of cyber security controls in accordance with cybersecurity frameworks that are included in one or more of the following - NIST CSF 2.0, HIPAA, ISO 27001 and 27002, SOC2, NERC-CIP;
• Assist with team recruiting and training efforts as needed.

Desired Qualifications

• Must hold a Bachelor’s or Master’s degree in a related field.
• 10+ years’ experience in cyber intrusion investigation, digital forensics or incident response analysis.
• Ability to effectively lead teams, prioritize multiple projects and meet timely deadlines.
• Experience in a hands-on technical role functioning as a testifying expert, incident responder, network forensic analyst or malware analyst;
• Experience leading data analytics engagements and managing the execution of technology-based best practices.
• Working knowledge of computer hardware components, operating systems, file systems, computer networks, e-mail systems, mobile devices, IT security or incident response.
• Deep knowledge of networking (TCP/IP, design, traffic flow, protocols, sessions), operating systems (Windows / *nix) and web technologies.
• Experience performing “pixel tracking” investigations;
• Experience in software development lifecycle, full-stack development and performing source code review;
• Willing and able to travel for client projects.

To Apply

To be considered for a position in the United States , we require the following:

• Resume – please include current address, personal email and telephone number;

If you are interested in applying for one of our international locations , please visit our Careers site to view and apply for available jobs.

Career Growth and Benefits 

• CRA’s robust skills development programs , including a commitment to offering 100 hours of training annually through formal and informal programs, encourage you to thrive as an individual and team member. Beginning with research and analysis skill building, training continues with technical training, presentation skills, internal seminars, and career mentoring and performance coaching from an assigned senior colleague. Additional leadership and collaboration opportunities exist through internal firm development activities.
• We offer a comprehensive total rewards program including a superior benefits package, wellness programming to support physical, mental, emotional and financial well-being, and in-house immigration support for foreign nationals and international business travelers.

Work Location Flexibility

CRA creates a work environment that enables our colleagues to benefit from being together in the office to best deliver on our promise of career growth, mentorship and inclusivity. At the same time, we recognize that individuals realize a range of benefits when working from home periodically. We currently ask that individuals spend 3 to 4 days a week on average working in the office (which may include traveling to another CRA office or to a client's location), with specific days determined in coordination with your practice or team. At certain times of the year (e.g. holiday periods), additional remote work options are offered to those whose work commitments permit it, although our offices remain open for those who choose or need to be there.

Our Commitment to Equal Employment Opportunity

Charles River Associates is an equal opportunity employer (EOE). All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, status as a protected veteran, or any other protected characteristic under applicable law.