Position Details

Salary $123K – $204K USD / year

Type Not Specified

Experience lead

Exp. Years 5+ years

Education Bachelor's degree in Digital Forensics, Information Security, Computer Science, Information Technology, or related discipline

Category Cybersecurity

About this role

Lead Digital Forensics & Incident Response for Prudential's Global Technology. Conduct enterprise-wide investigations across on-prem and cloud environments, leveraging Splunk SPL and KQL, EDR tooling, and forensic software; drive automation and threat-hunting initiatives.

Key Responsibilities

Scope and perform enterprise-wide, global investigations across on-prem and cloud technologies
Leverage Splunk's SPL and Kusto Query Language (KQL) in support of investigative workflows
Utilize EDR tooling to perform enterprise-wide investigations and analysis
Perform log, host, memory, and network-based forensics in support of active investigations
Lead and contribute to unique team-driven projects and automation with XSOAR

Technical Overview

Technical scope includes cloud/on-prem forensics, Splunk SPL and KQL-based investigations, XSOAR automation, and enterprise EDR tooling. Strong emphasis on MITRE ATT&CK and Cyber Kill Chain for threat modeling and remediation.

Ideal Candidate

The ideal candidate is a seasoned insider risk and digital forensics professional with 5+ years of incident response experience, capable of leading investigations across global scales and cloud/on-prem environments. They excel at applying MITRE ATT&CK and Cyber Kill Chain frameworks, communicating findings to executives, and driving automation with XSOAR and forensic tools.

Must-Have Skills

5+ years of incident response experienceBachelor's degree in Digital ForensicsInformation SecurityComputer ScienceInformation Technologyor related disciplineExperience using enterprise forensic software suites (X-WaysEnCaseetc.)Knowledge of scripting languages (PythonPowerShellBash)Industry standard certifications (CCEEnCEGCFEGCFAGCIHGREMGNFAGPENetc.)Comprehensive understanding of adversarial threat frameworks such as MITRE ATT&CK and Lockheed Martin's Cyber Kill Chain

Tools & Platforms

SplunkXSOARX-WaysEnCaseActive DirectoryEntraMicrosoft 365AzureAmazon Web ServicesPythonPowerShellBash

Required Skills

5+ years of incident response experiencedigital forensicsX-WaysEnCasePythonPowerShellBashMITRE ATT&CKCyber Kill ChainSplunkSPLKQLXSOARAWSAzureM365Active DirectoryEntraEDR

Hard Skills

Active DirectoryEntraMicrosoft 365AzureAmazon Web ServicesSplunkSPLKusto Query LanguageKQLEDRXSOARX-WaysEnCasePythonPowerShellBashMITRE ATT&CKCyber Kill Chainforensic software

Soft Skills

CommunicationCollaborationTeamworkAnalytical thinkingProblem-solving

Certifications

Required

Certified Computer Examiner (CCE)EnCase Certified Examiner (EnCE)GIAC Certified Forensic Examiner (GCFE)GIAC Certified Forensic Analyst (GCFA)GIAC Certified Incident Handler (GCIH)GIAC Reverse Engineer Malware (GREM)GIAC Network Forensic Analyst (GNFA)GIAC Penetration Tester (GPEN)

Industry & Role

Industry Insurance

Job Function Technical lead for digital forensics and incident response within Prudential's Cyber Defense & Response team

Role Subtype Insider Risk Lead

Tech Domains Active Directory, Microsoft 365, Azure, Amazon Web Services, Python, PowerShell, Bash, SQL / PostgreSQL

Keywords for Your Resume

leadcyber defenseincident responsedigital forensicsactive directoryEntraMicrosoft 365AzureAmazon Web ServicesSplunkKQLMITRE ATT&CKCyber Kill ChainXSOARX-WaysEnCasePythonPowerShellBashCCEEnCEGCFEGCFAGCIHGREMGNFAGPENActive Directory

Deal Breakers

Bachelor's degree required, 5+ years incident response experience, Must be located in Newark, NJ or willing to relocate

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile

Lead, Cyber Defense & Incident Response

Get matched to jobs like this