Participates in Digital Forensic investigations and focus on internal investigations and security events with a mix of technical, analytical, investigative responsibilities with an internal drive of both finding, proving, and documenting artifacts as well as seeking root cause, options of solutions, and best outcomes.

Will collect digital evidence from various endpoints, devices, systems, environments, and ensure integrity, completeness, and chain of custody while following policy and SOP.

Will analyze various devices, logs, message, email, and activity to uncover knowledge and intent, looking for malicious activity or policy violations.

Will utilize various approved tools and techniques as necessary to accomplish the goal of the investigation.

Will produce detailed, accurate, defensible forensic reports, as well as internal SoPs and project documentation.

Will work closely with incident response teams to investigate and resolve certain security events.

Will develop new methods, and playbooks, as well as sophisticated scripts, applications, and tools, and trains others in their use.

May participate in an incident management team, responding to security events in line with Oracle incident response playbooks.

Investigates purported intrusions and breaches and oversees root cause analysis.

Evaluates existing and proposed technical architectures, policies, standards, and playbooks for security risk, provides technical advice to support the organization and recommends security controls to mitigate.

Brings advanced-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, and where computer programming/scripting knowledge is required.

Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department.