Morgan Stanley
Mobile Forensics Analyst (VP) - Threat Hunt and Cyber Defense
Morgan Stanley, Baltimore, Maryland, United States, 21276
Mobile Forensics Analyst
Morgan Stanley is seeking an experienced Mobile Forensics Analyst to join our Mobile Security - Threat Hunt and Cyber Defense team. This is a Lead Cybersecurity Eng position at Vice President level, which is part of the job family responsible for providing specialist cyber expertise and creating solutions that protect the organization's systems and networks against actual and potential security threats and vulnerabilities.

What you'll do in the role:
The Mobile Security Team will be responsible for hunting for active intrusions on mobile devices, onboarding new log sources, and developing new and novel ways to detect threats in the mobile landscape. This role will be responsible for the development and execution of advanced threat hunting strategies, focusing on mobile ecosystems, to proactively identify, mitigate, and respond to sophisticated cyber threats. This is a hands-on technical individual contributor role. Preference will be given to candidates with significant skills in mobile forensics, Python scripting, threat hunting with Sigma/YARA, and log data analysis and aggregation across multiple sources utilizing Elastic and Kibana.

Responsibilities:
-Write signatures for mobile threats using Python, Sigma, and YARA against a variety of log sources.
-Develop and implement mobile forensics policies, procedures, and best practices.
-Collaborate with legal, HR, Insider, and law enforcement to support internal investigations, litigation and compliance requirements.
-Stay current on mobile device technologies, malware, and forensic methods to enhance team capabilities.
-Prepare detailed technical reports and present findings to stakeholders, including non-technical audiences.
-Manage forensic lab operations, including equipment maintenance and software licensing.
-Coordinate with incident response teams to address mobile-related security incidents.

What you'll bring to the role:
-Ability to effectively manage multiple functions or guide junior staff and initiatives.
-Advanced understanding of business line and discipline with some knowledge of competitive environment and other disciplines.

Qualifications:

Education:
-Bachelor's degree in Computer Science, Cybersecurity, Digital Forensics, or a related field.

Experience:
-5+ years of experience in mobile forensics or digital forensics.
-Proven track record of conducting mobile device investigations in a corporate, government or law enforcement environment.

Technical Skills:
-Experience with mobile forensic tools (e.g., Cellebrite UFED, Magnet AXIOM, Oxygen Forensics, XRY).
-Strong understanding of mobile operating systems (iOS, Android) and file systems.
-Experience with scripting (Python, Bash, etc.) for automation, and with Elastic and Kibana for large-scale data aggregation and analysis.
-Threat hunting experience using Sigma and YARA.
-Schema generation and data normalization for new datasets.
-Knowledge of cloud-based mobile data extraction and analysis.

Certifications:
-Cellebrite Certified Mobile Examiner (CCME)
-Magnet Certified Forensics Examiner (MCFE)
-GIAC Mobile Device Security Analyst (GMOB)
-EnCase Certified Examiner (EnCE)

Soft Skills:
-Excellent communication and interpersonal skills.
-Ability to manage multiple priorities in a fast-paced corporate environment.
-Strong problem-solving and analytical skills with attention to detail.

Other Requirements:
-Willingness to work flexible or on-call hours when needed for urgent investigations.

Preferred Qualifications:
-Experience with enterprise-level mobile device management (MDM) systems.
-Familiarity with network forensics and malware analysis.