Closing Date: July 3, 2025 at 4:00 PM
CANADIAN INSTITUTE FOR CYBERSECURITY
The Cyber Attribution Data Center (CADC), an established initiative at the Canadian Institute for Cybersecurity located at the University of New Brunswick, is designed to be a national leader in cyber threat attribution. The center's core mission is to identify malicious cyber actors by gathering data from diverse sources and employing advanced cyber attribution intelligence analytics. In addition, the CADC is dedicated to training and equipping the next generation of artificial intelligence cybersecurity specialists. The multidisciplinary unit leverages expertise from social sciences, business, computer science, engineering, law and science, fostering innovation and collaboration to address the evolving challenges of cybersecurity. The CADC will work closely with industry and government to make Canada and Canadians safer online.
WHAT WE OFFER
Full-time | 3-Year Term | Fredericton Location | On-Campus
UNB is committed to ensuring employees can maintain a healthy work-life balance.
Standard Work Hours: Mon - Fri | 7:45 am - 4:00 pm | 36.25 hours per week (Summer Hours)
Salary Range: $57,669 - $74,968 per annum *As of July 1st
YOUR FOCUS
Reporting to the Deputy Director, the Digital Forensics Analyst leads digital forensic investigations across endpoint and cloud environments, uncovering attack vectors and malicious activity to strengthen the department's cyber threat detection and response capabilities. The role also supports cross-institute integration of forensic insights and mentors junior staff in investigation techniques.
- Lead forensic analysis on compromised Windows, Linux, and macOS systems to identify attack vectors.
- Manage memory forensics and file system analysis to extract evidence from volatile and non-volatile storage.
- Identify and document indicators of compromise (IOCs) related to malware infections and unauthorized access.
- Investigate malicious binaries and scripts to understand their functionality and impact.
- Mentor software developers and analysts in forensic methodologies.
- Analyse network traffic logs, packet captures (PCAPs), and firewall events to identify malicious activity.
- Correlate data from IDS/IPS, firewalls, and EDR platforms to detect and track adversary movement.
- Investigate lateral movement, data exfiltration attempts, and command-and-control (C2) communications.
- Ensure forensic findings and analysis are integrated across the institute.
- Conduct forensic investigations in cloud environments such as Azure, AWS, and GCP.
- Use cloud-native security tools and logs (e.g., AWS CloudTrail, Azure Security Centre) to detect unauthorized access and malicious activities.
- Ensure cloud-based forensic research and analysis are integrated across the institute.
- Use SIEM platforms (e.g., Splunk, QRadar, Azure Sentinel) to extract security logs and analyse system events.
- Develop and run correlation queries to identify attack vectors and track adversary activity.
- Integrate SIEM findings with forensic investigations to provide comprehensive threat intelligence.
- Document forensic findings in detailed technical reports.
- Contribute to internal training and knowledge-sharing initiatives on forensic investigations.
WHAT YOU BRING
- Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field.
- Experience with conducting digital forensic analyses using commercial and open-source forensic tools, including file system forensics, memory analysis, and network analysis.
Additional Strengths:
- Digital forensics/incident response training and/or certifications, including SANS GIAC (GCIA, GCFA, GCFE, GNFA, GCCC, and/or GREM), IACIS (CFCE or CIFR), and/or Guidance Software (EnCE), are considered strong assets.
- Proficiency in platforms like Splunk, QRadar, Azure Sentinel, CrowdStrike, and MS Defender for Endpoint.
- Understanding of proper evidence handling procedures and chain-of-custody.
- Proficiency in Python, PowerShell, and other scripting languages for forensic analysis.
- Familiarity with security features in Azure, AWS, or GCP, including forensic investigations in cloud environments.
- Strong understanding of computer operating systems, software, network and hardware.
- Knowledge of NIST, MITRE ATT&CK, SANS Top 20, and OWASP Top 10 best practices.
- Analytical and problem-solving skills.
WHY CHOOSE UNB?
UNB offers a large variety of benefits for employees, including a full pension, a minimum of three weeks of vacation annually, the Employee and Family Assistance Program (EFAP), and dental, life, and health insurance.
PROFESSIONAL & TECHNICAL STAFF UNION (PTSU)
This position is part of the PSAC, Local 60551 employee group and falls under the PTSU Collective Agreement.
COMMITMENT TO EQUITY, DIVERSITY & INCLUSION
The University of New Brunswick and PSAC/PTSU Local 60551 are committed to employment equity and fostering diversity within our community and developing an inclusive workplace that reflects the richness of the broader community that we serve. The University welcomes and encourages applications from all qualified individuals who will help us achieve our goals, including women, visible minorities, Aboriginal persons, persons with disabilities, persons of any sexual orientation, gender identity or gender expression. Preference will be given to Canadian citizens and permanent residents of Canada.
We thank all who apply; however, only those selected for an interview will be contacted.