Senior Forensics Analyst
Listed on 2026-03-07
IT/Tech
Cybersecurity, Data Security
ABM is currently seeking a highly motivated and experienced Senior Forensics Analyst. The Senior Forensics Analyst is a senior technical member of the information security team responsible for leading forensic examinations through collection, processing, analysis and preservation of digital data. This role serves as a subject matter expert in digital forensics and works closely with incident responders, security operations center (SOC) staff, threat hunters, and host and network engineering colleagues.
The Senior Forensics Analyst examines digital data and events from computer memory and storage (Windows, Linux, macOS), mobile devices, electronic communications, malware samples and data transmissions across the enterprise. This role provides strategic guidance on forensic processes, mentors junior analysts, and communicates complex technical findings to executive leadership, legal counsel and law enforcement when applicable. The ideal candidate is deeply technical, possesses strong business acumen, and understands how technology is involved in day-to-day operations.
The Senior Forensics Analyst demonstrates a track record of leading complex investigations and driving continuous improvement within the forensic and incident response program.
ABM offers a comprehensive benefits package. For information about ABM’s benefits, visit:
Recruiting Flyer - Staff & Mgmt.
- Lead and conduct forensic examinations including collection, preservation, processing and analysis of digital data and systems across the enterprise
- Serve as the primary subject matter expert for forensic investigations, providing technical direction to incident responders and SOC analysts during escalated security events
- Mentor and develop junior forensic analysts, providing guidance on examination techniques, tool usage and professional development
- Document comprehensive case notes and communicate analysis findings from initial investigation through closure and post-mortem to technical and non-technical stakeholders
- Maintain strict evidence handling procedures including collection, storage, preservation and chain of custody in accordance with legal and regulatory requirements
- Conduct investigations across end-user hosts, servers, network infrastructure, mobile devices, peripherals, cloud environments and application systems
- Perform advanced malware analysis, reverse engineering and examination of obfuscated code to support threat identification and containment
- Develop and refine operational response processes and forensic playbooks for the security operations program
- Analyse penetration test reports and threat intelligence to inform forensic readiness and detection capabilities
- Effectively communicate findings, strategy and recommendations to stakeholders including technical staff, executive leadership and legal counsel
- Recognize and safely utilize attacker tools, tactics and procedures to support discovery, analysis and incident containment
- Develop and maintain relationships with engineering, IT, incident response, SOC, software engineering and cross-functional business teams
- Analyse systems and data sources for accidental, malicious and unauthorized activities, providing actionable results to management and technical teams
- Maintain and improve the forensic lab environment, evaluating new solutions and retaining proficiency with existing tools and methodologies
- Participate in and lead briefings from internal forensics as well as from hired consultants, presented to technical and business leadership
- Communicate with legal, external firms and law enforcement under management direction when investigations require external coordination
- Identify program strengths and weaknesses, recommending improvements to forensic capabilities, skills development and knowledge base
- Research emerging cybersecurity threats and forensic techniques to maintain a proactive security posture
- Support security initiatives through both predictive and reactive analysis
- Perform other duties as assigned
- Bachelor’s degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.
- Master’s degree…