Denver, CO

Kivu Consulting, a leading cyber security, incident response, computer forensics, and investigations firm seeking an Analyst, Digital Forensics & Incident Response. The ideal candidate will be highly organized and have 3-5 years of penetration testing, vulnerability and risk assessment, and cyber security consulting experience, and be driven to grow their existing skill set. Experience handling client/sensitive data is a significant plus as well as performing in a consultative, customer facing role.

Kivu consists of security analysts who specialize in cyber security, incident response, digital forensics and risk management services. Kivu provides cyber security solutions through a combination of technical, analytical, legal services and experience.

We are looking for a passionate Associate Director of Information Protection consulting services with strong experience in information security, technology, compliance, risk and governance who can take a leadership role in our growing cyber security consulting practice with a focus on security assessments, penetration testing, and information security consulting.

The Associate Director of Information Protection consulting will be responsible for leading a team to review and test our clients’ technical, administrative and physical controls within their information technology environment and provide guidance on mitigating the risks based upon the results.

The successful candidate must be an individual who understands business operations, information technology and security. This individual must have demonstrated leadership specific to technical information security issues with hands on experience with information security testing and consulting. The Director must have the ability to manage and develop staff. High level communication skills are essential to successfully translate technology and security requirements into business terms. Strong client service skills are necessary for interacting with various levels of internal IT staff as well as corporate leadership.

Duties include:

• Be involved with the sales process by working with the business development staff and clients to explain and demonstrate services and products as a subject matter expert
• Assist sales staff with the creation and delivery of proposals Maintain working knowledge of advanced cyber threat actor tactics and techniques
• Research, identify and understand new threats
• Conduct penetration tests, security audits and risk assessments with commercial, open source and self-developed tools and techniques
• Report and present findings to team and clients
• Manage, mentor and train fellow team members
• Internally educate business unit leaders, staff and executive leadership on the information protection practice
• Excel as a self-motivated individual who can work on their own as well as integrated with a team in a variety of situations
• Consistently work to improve our brand through thought leadership

Required experience:

• 3-5 years of consulting experience leading and performing penetration testing engagements and IT security assessments

Preferred Skills and Qualifications:

• Must possess strong verbal and written skills
• Consulting experience a must
• Experience in a number of IT disciplines may provide a solid framework for this position, but must have hands-on results from performing penetration testing, IT risk assessments, information security consulting, or IT audits are most beneficial
• GPEN, OSCP and equivalent security testing and certifications
• Familiarity and knowledge of security frameworks (NIST CSF, CIS, ISO)
• Proven experience with security tools such as Nexpose, Metasploit, Nessus, Kali Linux, etc., as well as other various commercial and self-developed tools
• Experience with scripting languages such as python, ruby, etc., as well as familiarity with programming languages such as: C/C++/ObjC/C#, Java, PHP, or .NET
• Strong knowledge of the Windows client/server architecture and familiarity with Linux/Unix
• Strong networking knowledge with a focus on security
• Team leadership and development experience required
• Project management experience highly desired
• Familiarity with incident handling techniques and processes desired
• Industry visibility through conference presentations, blogging, academic papers and social media is desired
• Business development skills a plus

The position is in Denver, Colorado and is full-time. Compensation will include an attractive base salary, incentive compensation, and full benefits including health and 401(k). Salary is commensurate with experience. Please email a resume and detailed cover letter (outlining how you fit the above requirements) to Doug Brush, Director at dbrush@kivuconsulting.com

Denver, CO

Kivu Consulting, a leading cyber security, incident response, computer forensics, and investigations firm seeking an Analyst, Digital Forensics & Incident Response. The ideal candidate will be highly organized and have 1-2 years of forensics and incident response experience and be driven to grow their existing skill set. Experience handling client/sensitive data is a significant plus as well as performing in a consultative, customer facing role. Kivu consists of security analysts who specialize in cyber security, incident response, digital forensics and risk management services. Kivu provides cyber security solutions through a combination of technical, analytical, legal services and experience. More details on the firm can be found at www.kivuconsulting.com. We are looking for a passionate Analyst to take part in our growing Cyber Investigations consulting practice. The candidate will be responsible for assisting our team respond to digital forensic, incident response, and litigation needs in our clients’ information technology environments. The successful candidate must be an individual who understands digital forensic best practices and data acquisition and basic analysis to reporting. This individual must be a team player, and the ability to manage task specific roles as part of client deliverables. Computer forensic certification from an industry recognized organization and 1 to 2 years’ experience required. Well-developed written and verbal communication skills are essential to successfully translate technical concepts into reports for clients, team members and corporate leadership. Client service skills are necessary for interacting with various client personalities and changes to project scopes.

Duties include:

• Provide immediate onsite and remote support for digital forensics, incident response, and litigation support
• Conduct defensible data acquisitions and analysis
• Demonstrate skills at the identification, collection, preservation, processing of data as part of the investigation process
• Process collected data in various digital forensic, litigation support, and data analytics tools
• Work with and support case team managers
• Document and present findings to team and clients
• Build working knowledge of advanced digital forensic, incident response, and data analytics technologies
• Research, identify and understand new artifacts in enterprise computing environments
• Excel as a self-motivated individual who can work on their own as well as integrated with a team in a variety of situations

Required experience:

1 – 2 years with specific technology experience in digital forensics and incident response required

Preferred Skills and Qualifications:

• Strong verbal and written skills
• Experience with tools such as EnCase, FTK, Internet Evidence Finder, Nuix, Cellebrite, and other industry tools
• Computer forensic certification from an industry recognized organization required
• Additional core competencies a plus such as data analytics and/or eDiscovery
• Familiarity SQL and database technologies desired
• Bachelor’s degree or other industry training desired The position is in Denver, Colorado and is full-time. Compensation will include an attractive base salary, incentive compensation, and full benefits including health and 401(k). Salary is commensurate with experience. Please email a resume and detailed cover letter (outlining how you fit the above requirements) to Doug Brush, Director at dbrush@kivuconsulting.com

Kivu Consulting, a leading cyber security, incident response, computer forensics, and investigations firm seeking an IT Manager and System Administrator to lead administration, support, and maintenance initiatives. The ideal candidate will be highly organized and have 3-5 years of information technology experience and be driven to grow their existing skill set. Experience handling client/sensitive data is a significant plus as well as performing in a consultative, customer facing role. The position will support remote employees in North America and Europe and will require being on call when needed, sometimes after normal business hours. Kivu consists of security analysts who specialize in cyber security, incident response, digital forensics and risk management services. Kivu provides cyber security solutions through a combination of technical, analytical, legal services and experience. More details on the firm can be found at www.kivuconsulting.com. We’re looking for an individual to improve, implement, administer, maintain, and support our internally and externally hosted IT infrastructure. The right candidate will be forward looking, and will have the opportunity to plan and develop strategic internal IT solutions to meet the needs of a growing consultancy while acquiring valuable cyber security, computer forensic, and investigation skills to support our clients.

Duties include:

• Develop a strategic plan which includes short term (less than 3 months), intermediate term (3 to 18 months) and long term (more than 18 months) recommendations to improve Kivu’s productivity and communications utilizing best of breed IT solutions.
• Administer, maintain, and support IT infrastructure consisting of NextGen firewalls (NGFW’s), Windows Active Directory, Microsoft Azure, Office 365, VoIP phone systems, and various cloud based hosted services.
• Provide on-site and remote level 1 and 2 IT support for Windows based servers and endpoints along with a limited Mac and Linux environment during regular business hours and on- call as needed after hours, weekends, and holidays. Remote employees are primarily based in the United States.
• Build and manage desktop and server images with the ability to progressively harden configuration to meet with security standards.
• Handle Disaster Recovery and data back-up operations through cloud based and traditional tape back-up solutions.
• As needed, support operations of the forensic lab and penetration testing environments which include staging project working data sets, archiving completed engagement media, configuring and wiping forensic workstations, and provisioning of offensive security workstations for assessments or testing.
• As needed, provide consulting and customer facing support to Kivu’s clients as part of consulting and incident response engagements.
• The ability to travel, sometimes on short notice, to support internal resources or client needs in North America.

Required experience:
3-5 years IT Management including strategy, infrastructure design and implementation, and project management.

Preferred Skills and Qualifications:

• 3-5 years’ experience in IT support role, including performance of routine hardware and software maintenance.
• Extensive professional experience administering Windows (server/workstation), Linux, Mac, and NGFW operating systems.
• Experience implementing and supporting Microsoft products and Office 365.
• Ability to provide on-site and remote IT troubleshooting.
• Excellent written and verbal communication skills.
• Well-organized and able to work on multiple, simultaneous tasks.
• Excellent and proven customer support, interpersonal and communication skills.
• Process oriented with an attention to detail.
• Drive and capability of working independently.
• Understanding of databases principals.
• Formal technical training and certificate such as MCSE, Cisco, CompTIA, etc.

The position is in Denver, Colorado and is full-time. Compensation will include an attractive base salary, incentive compensation, and full benefits including health and 401(k). Salary is commensurate with experience. Please email a resume and detailed cover letter (outlining how you fit the above requirements) to Doug Brush, Director at dbrush@kivuconsulting.com

Kivu Consulting, a leading incident response and computer forensics firm headquartered in San Francisco, seeks an experienced cyber investigator to join its Incident Response practice. This position will primarily cover the West Coast. More details of the firm can be found at www.kivuconsulting.com.

Our team of experts covers a wide range of assignments, including:

• Analyzing data breaches, determining the cause and extent of data loss, and advising on immediate and long-term remediation;
• Providing pre-breach services including risk assessments, IR plans and pen-testing in a wide range of industries including healthcare and fin-tech;
• Handling complex computer forensics investigations and providing expert witness testimony

We’re looking for someone with:

• Strong experience responding to data breaches
• Ability to provide exceptional client service to all Kivu’s clients including law firms, insurance carriers, business organizations, and public entities
• Experience working directly with C-suite professionals, senior attorneys, and government regulators
• Someone highly responsive to customer needs and deadlines, and with no compromise in work quality The right candidate will be obsessed with accuracy but still able to get relevant results to clients ahead of schedule; be able to triage multiple cases; function in a highly confidential environment; and be able to explain highly technical findings to non-technical executives.

Basic Qualifications

• At least 7 years’ professional experience in network/cyber investigations, incident response, forensics or related InfoSec experience
• Experience in a professional services firm handling law firm clients
• Ability to manage multiple projects and train/ mentor staff
• Relevant industry certifications are a plus: GIAC Certified Incident Handler (GCIH); GIAC Certified Intrusion Analyst (GCIA); GIAC Reverse Engineering Malware (GREM); GIAC Certified Forensic Analyst (GCFA); GIAC Certified Forensic Examiner (GCFE); Encase Certified Examiner (EnCE)
• Advanced working knowledge of forensic tools (e.g. Encase, FTK, BlackLight)
• Experience with Unix, Linux, Mac, and Windows systems, and an admin level understanding of networking, firewalls, and the various protocols involved in data sharing and communications (e.g. how protocols work, their common ports, and common usage)
• Working knowledge of current data collection, storage, and chain of custody best practices
• Excellent reporting skills (both written and verbal)
• Experience presenting findings and recommendations to C-level executives, law enforcement, and outside counsel
• Ability to support business development efforts

Opportunity

This is an entrepreneurial role within an established company that provides the opportunity to implement your ideas and grow your career Do you seek a higher impact role? Do you enjoy building? Tired of big-firm bureaucracy, red tape and politics? Want to see your ideas implemented? Then you should consider this role. The position is full-time. Compensation will include an attractive base salary, incentive compensation and full benefits. Please email a resume and detailed cover letter (outlining how you fit the above requirements) to info@kivuconsulting.com.

Kivu Consulting, a leading computer forensics and investigations firm headquartered in San Francisco seeks an experienced cyber investigator to join  its incident response/ data breach practice.  More details of the firm can be found at www.kivuconsulting.com.

Our team of experts covers a wide range of assignments, including:

• Analyzing data breaches, determining the cause and extent of data loss, and advising on immediate and long-term remediation;
• Briefing and/ or testifying before regulators and law enforcement on breach response and best practices;
• Handling complex computer forensics investigations and providing expert witness testimony in theft of trade secret cases, employee malfeasance, and DOJ/ FTC actions;
• Providing focused e-discovery consulting, collection and processing;
• Providing network and IT systems audits.

We’re looking for someone with:

• In-depth incident response/ computer forensics experience
• Consulting experience and an understanding why attorneys and corporations hire boutique firms rather than the Big 4 behemoths
• The enthusiasm and sense of humor to be a team-leader and mentor

The right candidate will be obsessed with accuracy but still able to get relevant results to clients ahead of schedule; be able to triage multiple cases; function in a highly confidential environment; and be able to explain highly technical findings to non-technical executives.

The position requires being part of a team located in San Francisco, with possible on-site investigations at clients’ premises in California or elsewhere in the US.  By the nature of Incident Response, the work often takes place outside normal working hours.  The right candidate will also play an active role in business strategy and long-term development of the company.

Requirements:

1. At least 5 years’ professional experience in forensics, network/cyber investigations, incident response or related InfoSec experience
2. 2 or more of the following certifications: GIAC Certified Incident Handler (GCIH); GIAC Certified Intrusion Analyst (GCIA); GIAC Reverse Engineering Malware (GREM); GIAC Certified Forensic Analyst (GCFA); GIAC Certified Forensic Examiner (GCFE); Encase Certified Examiner (EnCE)
3. Advanced working knowledge of forensic tools (e.g. Encase, FTK, BlackLight)
4. Experience with Unix, Linux, Mac, and Windows systems, and an admin level understanding of networking, firewalls, and the various protocols involved in data sharing and communications (e.g. how protocols work, their common ports, and common usage)
5. Working knowledge of current data collection, storage, and chain of custody best practices
6. Excellent reporting skills (both written and verbal)
7. Experience presenting findings and recommendations to C-level executives, law enforcement, and outside counsel

The following experience, while not required, would be strong bonuses:

1. Testifying, preferably as an expert, in the area of digital investigations or info sec best practices
2. Experience with forensic analysis of Mac operating system devices
3. Experience with cellphone analysis
4. Working in a regulated sector (e.g. healthcare/ finance/PCI/ law enforcement)
5. Advanced working knowledge of network monitoring tools
6. Investigating/ analyzing security breaches in cloud storage and databases
7. Budgeting and executing IT risk assessments and security audits
8. Datacenter / Server room experience
9. Experience presenting to potential clients or trade groups in the area of incident response or computer forensics
10. Experience leading business development initiatives and responsibility for budgets and marketing/product proposals
11. Programming and scripting skills (e.g. Python, PowerShell, BASH, PERL, Ruby,  SED/AWK)
12. In-depth knowledge of modern Internet systems such as storage arrays, load balancers, and common platforms
13. Malware reverse engineering      skills, including the ability to read assembly code and determine its operability with common operating systems, and the ability to use debug tools and disassembly software tools. Virtual Machines – experience using and trouble-shooting virtual machines
14. Linux – experience using it, troubleshooting it, and deploying the common stacks (e.g. Apache/PHP/MySQL)

The position is full-time.  Compensation will include an attractive base salary, incentive compensation and full benefits.  Salary and incentive compensation are commensurate with experience and demonstrated ability to lead project teams.

Please email a resume and detailed cover letter (outlining how you fit the above requirements) to info@kivuconsulting.com.

NOTE: Applications without a detailed cover letter will not be considered.

Kivu seeks an experienced Human Resources Director to support the firm’s growth and assist in recruitment, retention and employee development as the company expands. The position is located in the firm’s Washington DC office.

Our team of experts covers a wide range of assignments, including:

• Analyzing data breaches, determining the cause and extent of data loss, and advising on immediate and long-term remediation;
• Providing pre-breach services including risk assessments, IR plans and pen-testing in a wide range of industries including healthcare and fin-tech;
• Handling complex computer forensics investigations and providing expert witness testimony

Human Resources Director Job Responsibilities:

Maintains and enhances the organization’s human resources by planning, implementing, and evaluating employee relations and human resources policies, programs, and practices. Responsible for strategic HR projects that are meant to make the company better. These include initiatives to keep employees healthy, training programs to ensure that they are building career experiences and building company culture.

Human Resources Director Job Duties:

• Maintains the work structure by updating job requirements and job descriptions for all positions.
• Talent acquisition – quickly, consistently, and efficiently convert new hires into engaged, empowered, productive, and billable employees. Establish a recruiting, testing, and interviewing program; counseling managers on candidate selection; conducting and analyzing exit interviews; recommending changes.
• Prepare employees for assignments by establishing and conducting orientation and suggesting employee training and development strategies
• Maintains a pay plan by conducting periodic pay surveys; scheduling and conducting job evaluations; preparing pay budgets; monitoring and scheduling individual pay actions; recommending, planning, and implementing pay structure revisions; tying compensation to performance based on quantifiable goals.
• Maximizing existing talent potential Ensures planning, monitoring, and appraisal of employee work results by training managers to coach and discipline employees; scheduling management conferences with employees; hearing and resolving employee grievances; counseling employees and supervisors.
• Formalize our mentor program – develop explicit development milestones and provide regular feedback. Manage out individuals who do not meet performance hurdles.
• Maintains employee benefits programs and informs employees of benefits by studying and assessing benefit needs and trends; recommending benefit programs to management; directing the processing of benefit claims; obtaining and evaluating benefit contract bids; awarding benefit contracts; designing and conducting educational programs on benefit programs.
• Ensures legal compliance by monitoring and implementing applicable human resource federal, state and international requirements; conducting investigations; maintaining records; representing the organization at hearings.
• Maintains management guidelines by preparing, updating, and recommending human resource policies and procedures.
• Maintains historical human resource records by designing a filing and retrieval system; keeping past and current records.
• Contributes to team effort by accomplishing related results as needed.

Human Resources Director Skills and Qualifications:

Hiring, Human Resources Management, Benefits Administration, Performance Management, Communication Processes, Compensation and Wage Structure, Supports Diversity, Classifying Employees, Employment Law, Laws Against Sexual Harassment, Organization

Requirements:

• Bachelor’s degree in relevant field
• 6-8+ years of Human Resources experience with work related to Canada and Europe a plus
• Systems savvy with strong MS Excel skills
• Excellent oral and written communication skills, team player, positive attitude and desire to improve morale and operations
• Prior experience building internal HR department a plus
• Ability to work in an entrepreneurial environment

Opportunity

This is an entrepreneurial role within an established company that provides the opportunity to support Kivu’s leadership team.

Do you seek a higher impact role? Do you enjoy building? Tired of big-company bureaucracy, red tape and politics? Want to see your ideas implemented? Then you should consider this role.

The position is full-time. Compensation will include an attractive base salary, incentive compensation and full benefits.

Please email a resume and detailed cover letter (outlining how you fit the  above requirements) to John Garrison, CFO at jgarrison@kivuconsulting.com

Kivu Consulting, a leading computer forensics and investigations firm is seeking entry-level Cyber Security professionals in the Washington D.C. and New York offices. The ideal candidate will have 1-3 years hands-on experience performing data breach response, in addition to exposure to security risk assessments, incident response, and computer forensics.  This person will carry out a high level of customer service and communication with clients around the country, deploying various technical, analytical, and legal tactics.

 Company Profile

Kivu is a unique and dedicated security consulting firm with offices in San Francisco, Denver, New York City, Canada, Europe, and the Washington, D.C. area.  The firm’s primary areas of service lie within cyber extortion / ransomware, cyber security, computer forensics, and data breach response.  Kivu blends technical and legal expertise to deliver investigative, forensic, and discovery solutions globally.

Job Description

Primary Responsibilities

• Participate in engagements related to preemptive data breach response; analytic and reporting for litigation, data breaches, and regulatory response; workplace and employment issues, including theft of trade secrets, and; investigations related to network breaches/unauthorized access of data through computer forensics and incident response
• Deliver exceptional client services, including communicating with the client throughout the entire project lifecycle to better understand client needs
• Remain highly responsive and ensure all deadlines are met
• Perform data breach response, cyber risk/security assessments, and remain involved in phases such as penetration testing, vulnerability scanning, and log configuration
• Engage with attackers directly to resolve cyber extortion incidents
• Participate in CSIRP development and gap analysis, tabletop exercises, incident response and computer forensics, and data breach response with best practices
• Experience with scan/assessment tools such as Metasploit, Nessus, Burp Suite, Core Impact, and/or others
• Handle web application exploitation, server and client-side attacks, and protocol subversion
• Perform IT System and Network Audits; write technical reports
• Remain abreast of computer networks, hardware, communications, and connectivity

Qualifications

• 1-3 years of relevant experience described above; prior experience consulting in the private sector is a major plus
• Bachelor’s degree or Master’s degree in Cyber Security, Computer Science, Information Security, or other related fields is preferred
• Certifications:  SANS, EnCE, OSCP/OSCE, or other relevant security certifications are preferred
• Familiarity with Windows, Linux, Mac, and UNIX systems
• Proficient in one of more of the following languages:  C, C++, Visual Basic, Python, Ruby, JavaScript, Perl
• Knowledgeable of encryption and encoding methods, communication protocols, and algorithms
• Familiarity with NIST frameworks
• Enthusiastic about delivering the highest quality results to clients on time and on budget
• Able to triage multiple cases simultaneously
• Self-driven to deliver the highest level of results for clients.

The position is full-time. Compensation will include an attractive base salary, incentive compensation and full benefits. Salary is commensurate with experience.

Please email a resume and detailed cover letter (outlining how you fit the above requirements) to ejones@kivuconsulting.com

Elgan Jones, CFE, EnCe

Director, Cyber Investigations

Kivu Consulting, Inc.- Washington D.C.

1875 Connecticut Ave.  NW

Washington, DC. 12th Floor

20009

NOTE: applications without a detailed cover letter will not be considered.

Kivu Consulting, a leading computer forensics and investigations firm is seeking experienced Cyber Security professionals in the Washington D.C., New York and Denver offices. The ideal candidate will have hands-on experience performing and leading data breach response, in addition to extensive knowledge in security risk assessments, incident response, and computer forensics.  This person will carry out a high level of customer service and communication with clients around the country, deploying various technical, analytical, and legal tactics.

 

Company Profile

Kivu is a unique and dedicated security consulting firm with offices in San Francisco, Denver, New York City, Canada, Europe, and the Washington, D.C. area.  The firm’s primary areas of service lie within cyber extortion / ransomware, cyber security, computer forensics, and data breach response.  Kivu blends technical and legal expertise to deliver investigative, forensic, and discovery solutions globally.

Job Description

Primary Responsibilities

• Lead engagements related to data breach response and preemptive cyber security; analytic and reporting for litigation, and regulatory response; workplace and employment issues, including theft of trade secrets, and; investigations related to network breaches/unauthorized access of data through computer forensics and incident response
• Deliver exceptional client services, including communicating with the client throughout the entire project lifecycle to better understand client needs
• Remain highly responsive and ensure all deadlines are met
• Manage staff performing data breach response, cyber risk/security assessments, and remain involved in phases such as penetration testing, vulnerability scanning, and log configuration
• Engage with attackers directly and/or manage staff engaging with attackers to resolve cyber extortion incidents
• Lead CSIRP development and gap analysis, tabletop exercises, incident response and computer forensics, and data breach response with best practices
• Experience with scan/assessment tools such as Metasploit, Nessus, Burp Suite, Core Impact, and/or others
• Handle web application exploitation, server and client-side attacks, and protocol subversion
• Perform IT System and Network Audits; write technical reports
• Remain abreast of computer networks, hardware, communications, and connectivity
• Work closely with firm leadership to continue Kivu’s profitable growth and support initiatives, recruit staff and lead teams

Qualifications

• At least 7 years’ professional experience in network/cyber investigations, incident response, forensics or related InfoSec experience
• Experience in a professional services firm handling law firm clients
• Ability to manage multiple projects and train/ mentor staff
• Relevant industry certifications are a plus: GIAC Certified Incident Handler (GCIH); GIAC Certified Intrusion Analyst (GCIA); GIAC Reverse Engineering Malware (GREM); GIAC Certified Forensic Analyst (GCFA); GIAC Certified Forensic Examiner (GCFE); Encase Certified Examiner (EnCE)
• Advanced working knowledge of forensic tools (e.g. Encase, FTK, BlackLight)
• Experience with Unix, Linux, Mac, and Windows systems, and an admin level understanding of networking, firewalls, and the various protocols involved in data sharing and communications (e.g. how protocols work, their common ports, and common usage)
• Working knowledge of current data collection, storage, and chain of custody best practices
• Excellent reporting skills (both written and verbal)
• Experience presenting findings and recommendations to C-level executives, law enforcement, and outside counsel
• Ability to support business development efforts

The position is full-time. Compensation will include an attractive base salary, incentive compensation and full benefits. Salary is commensurate with experience.

Please email a resume and detailed cover letter (outlining how you fit the above requirements) to ejones@kivuconsulting.com

Elgan Jones, CFE, EnCe

Managing Director, Cyber Investigations

Kivu Consulting, Inc.- Washington D.C.

1875 Connecticut Ave.  NW

Washington, DC. 10th Floor

20009

NOTE: applications without a detailed cover letter will not be considered.

Kivu Consulting, a leading computer forensics and investigations firm is seeking experienced Cyber Security professionals in the Washington D.C., New York and San Francisco offices. The ideal candidate will have hands-on experience performing data breach response, in addition to extensive knowledge in security risk assessments, incident response, and computer forensics.  This person will carry out a high level of customer service and communication with clients around the country, deploying various technical, analytical, and legal tactics.

 

Company Profile

Kivu is a unique and dedicated security consulting firm with offices in San Francisco, Denver, New York City, Canada, Europe, and the Washington, D.C. area.  The firm’s primary areas of service lie within cyber extortion / ransomware, cyber security, computer forensics, and data breach response.  Kivu blends technical and legal expertise to deliver investigative, forensic, and discovery solutions globally.

Job Description

Primary Responsibilities

• Participate in engagements related to preemptive data breach response; analytic and reporting for litigation, data breaches, and regulatory response; workplace and employment issues, including theft of trade secrets, and; investigations related to network breaches/unauthorized access of data through computer forensics and incident response
• Deliver exceptional client services, including communicating with the client throughout the entire project lifecycle to better understand client needs
• Remain highly responsive and ensure all deadlines are met
• Perform data breach response, cyber risk/security assessments, and remain involved in phases such as penetration testing, vulnerability scanning, and log configuration
• Engage with attackers directly to resolve cyber extortion incidents
• Participate in CSIRP development and gap analysis, tabletop exercises, incident response and computer forensics, and data breach response with best practices
• Experience with scan/assessment tools such as Metasploit, Nessus, Burp Suite, Core Impact, and/or others
• Handle web application exploitation, server and client-side attacks, and protocol subversion
• Perform IT System and Network Audits; write technical reports
• Remain abreast of computer networks, hardware, communications, and connectivity

Qualifications

• 2-4 years of relevant experience described above; prior experience consulting in the private sector is a major plus
• Bachelor’s degree or Master’s degree in Cyber Security, Computer Science, Information Security, or other related fields is preferred
• Certifications:  SANS, EnCE, OSCP/OSCE, or other relevant security certifications are preferred
• Familiarity with Windows, Linux, Mac, and UNIX systems
• Proficient in one of more of the following languages:  C, C++, Visual Basic, Python, Ruby, JavaScript, Perl
• Knowledgeable of encryption and encoding methods, communication protocols, and algorithms
• Familiarity with NIST frameworks
• Enthusiastic about delivering the highest quality results to clients on time and on budget
• Able to triage multiple cases simultaneously
• Self-driven to deliver the highest level of results for clients.

The position is full-time. Compensation will include an attractive base salary, incentive compensation and full benefits. Salary is commensurate with experience.

Please email a resume and detailed cover letter (outlining how you fit the above requirements) to ejones@kivuconsulting.com

Elgan Jones, CFE, EnCe

Director, Cyber Investigations

Kivu Consulting, Inc.- Washington D.C.

1875 Connecticut Ave.  NW

Washington, DC. 12th Floor

20009

NOTE: applications without a detailed cover letter will not be considered.