Principal Forensic & Incident Response Architect | ...
Henry Ford Health - Detroit, MI
Job Description
Principal Forensic & Incident Response Architect | Full Time

General Summary
Working within the Information Privacy and Security Office, the Principal Forensic and Incident Response Architect works closely with all IT departments to detect, analyze, contain, and mitigate computer security incidents. This position is expected to lead and participate in incident response activities including but not limited to computer forensic investigations, live response and triage, and electronic discovery. The Principal Forensic and Incident Response Architect will also perform proactive activities including, but not limited to threat hunting, detection engineering, and tabletop exercises. The Principal Analyst will serve as an escalation point for cyber security incidents and provide oversight of cyber security investigations. The Principal Forensic and Incident Response Architect will report to the Director of Incident Response. This position will work in a collaborative effort with IT and business units to ensure that cyber security incidents are handled appropriately to mitigate the impact of a cyber security incident.

Education/Experience Required
- Bachelor's Degree (Security, Technology, or Forensics) or equivalent of five (5) years of relevant experience in lieu of degree is required.
- Minimum of two (2) years leading hands-on enterprise security incident response investigations, required.
- Minimum of two (2) years executing threat hunting in both on-premise and cloud environments using both automated tools and manual techniques, required.
- Solid understanding of network and system intrusion and detection methods, examples of related technologies include SIEM, End Point Detection and Response, firewalls, hacking tools, techniques, and procedures.
- Deep understanding of Windows and Unix/Linux operating systems including logging facilities.
- Understanding of network protocol analysis, public key infrastructure, SSL, Active Directory.
- Understanding of basic malware analysis, endpoint lateral movement detection methodologies and host forensic tools.
- Understanding of Indicators of Compromise (IOCs) and attacker TTPs.
- Familiarity with MITRE ATT&CK.
- Expert understanding of information systems security; network architecture; general database concepts; document management; hardware and software troubleshooting; electronic mail systems; Microsoft Office applications; intrusion tools; and computer forensic tools such as Axiom, EnCase, Access Data, and/or FTK.

Certifications/Licensures Required
- GCIH - GIAC Certified Incident Handler, preferred.
- GNFA - GIAC Network Forensic Analyst, preferred.
- GCFA - GIAC Certified Forensic Analyst, preferred.
- GCFE - GIAC Certified Forensic Examiner, preferred.
- CFCE - Certified Forensic Computer Examiner, preferred.

Additional Information
- Organization: Corporate Services
- Department: Ascension Cybersecurity IR
- Shift: Day Job
- Union Code: Not Applicable
- Seniority level: Associate
- Employment type: Full-time
- Job function: Education and Training
- Industries: Hospitals and Health Care, Insurance, and Wellness and Fitness Services
Created: 2025-09-17