Digital Forensics Lead

Lake County, IL, United States
Oct 20, 2020
Required Education
Bachelor's Degree
Position Type
Full time
About AbbVie
AbbVie's mission is to discover and deliver innovative medicines that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas: immunology, oncology, neuroscience, eye care, virology, women's health and gastroenterology, in addition to products and services across its Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at . Follow @abbvie on Twitter, Facebook, Instagram, YouTube and LinkedIn.

In this role you will be collaborating with customers including Legal, Office of Ethics and Compliance, Human Resources, Employee Relations, eDiscovery, and Cyber Security team on behalf of Information Security to provide Digital Forensics and investigation expertise. As a subject matter expert, you will conduct live and dead box digital forensics for investigations related to Windows, Linux, MacOS, ICS, cloud resources, databases, email and mobile devices. The ideal candidate will possess expertise in Digital Forensics and a strong understanding of computer networking and information security concepts.

Responsibilities include:
  • Strong attention to detail, deep personal integrity, and high concern for data accuracy
  • Ability to lead engagements with internal business partners that involve support by the Digital Forensics team
  • Strong interpersonal skills required to establish and maintain positive relationships with our internal business partners
  • Ability to work off-hours and on-call as required
  • Enjoys researching Digital Forensics tools, techniques or processes and has a desire to continue learning
  • Dependable team player who works collaboratively with peers in a team-oriented, security response service environment
  • In-depth experience with industry standard Digital Forensics methodologies, including evidence handling, chain of custody procedures, and commonly used forensics toolsets (FTK, X-Ways, AXIOM, SIFT, Volatility, Sleuth Kit, etc.)
  • Proven expertise in filesystem analysis in one or more OS: Mac, Windows, Linux/Unix
  • Comfortable participating in or mentoring others on DFIR tasks, including live response and volatile data acquisition and analysis
  • History of writing affidavits or expert opinions, or of providing expert testimony, a plus
  • Scripting experience (Python, PowerShell, etc.) a plus
  • Conducting forensic examinations of digital and other multimedia evidence through the process of identification, collection, and analysis of digital evidence
  • Ensuring data is collected and preserved with best practices and in alignment with AbbVie evidence integrity requirements
  • Analyzing systems, including system memory, to assist with cyber security incidents and investigations to determine root cause
  • Collecting and analyzing relevant logs in support of investigations
  • Performing ongoing research and development with the latest digital forensic trends and tools
  • Managing and maintaining the forensics tools leveraged for investigations
  • Troubleshooting, researching, and resolving technical issues/limitations independently
  • Communicating forensic findings (written reports and verbal overviews) to both business and technology audiences
  • Assisting the Cyber Security Incident Response Team during critical incidents

Required Technical Skills:
  • Experience with a wide range of forensic tools (FTK, EnCase, etc.)
  • Experience with memory analysis tools (i.e. Volatility)
  • Experience with logging platforms that allow for quickly searching, analyzing, and pivoting data
  • Experience with Cloud Platform forensics
  • Experience with malware analysis
  • Experience using remote acquisition/analysis tools or endpoint detection/response agents across multiple operating systems for security log or data collection
  • Familiarity with data loss prevention technologies

Desired Skills:
  • Ability to analyze and understand technical information
  • Ability to author clear and concise reports
  • Ability to successfully interact with non-technical customers
  • Strong familiarity with forensics and eDiscovery concepts and processes
  • Strong familiarity with data loss and data protection concepts and processes
  • Strong familiarity with cyber security incident response concepts and processes
  • Experienced in a wide variety of technical solutions focused on forensics and cyber security


Education and Experience:
  • Bachelor's Degree and typically 7 years of experience, Master's Degree and typically 6 years of experience, PhD and typically 4 years of experience
  • Background in life sciences or work experience in the pharmaceutical industry preferred
  • Minimum 6 years of experience in an information security discipline required.
  • Minimum 3 years of experience in a forensics or investigation role required.


GIAC Forensic Examiner (GCFE), GIAC Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), GIAC Network Forensic Analyst (GNFA), GIAC Advanced Smartphone Forensics (GASF)

Significant Work Activities
Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day)
Equal Employment Opportunity
At AbbVie, we value bringing together individuals from diverse backgrounds to develop new and innovative solutions for patients. As an equal opportunity employer, we do not discriminate on the basis of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, protected veteran status, or any other legally protected characteristic.