Skip to content

Senior Cybersecurity Engineer - Forensics

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

What's the role?

Plans, coordinates, acquires, inventories, and performs comprehensive technical analysis of digital evidence while strictly preserving legally permissible artifacts. 

Responsible for digital forensics, e-Discovery, evidentiary chain of custody management (electronic and physical) and professional communication with organizational stakeholders.  

  • Leadership: The Senior Cybersecurity Engineer is a leader within the Enterprise Cybersecurity with the expectation to guide and mentor more junior members. This includes overseeing the work performed by junior engineers, mentoring their technical educational activities, freely sharing knowledge and testing techniques. 
  • Infrastructure & Automation: Accountable for building, managing, and maintaining security tools and infrastructure that support forensic engagements. Focus on designing and implementing automation to aid the team in creating efficiencies.  
  • Security Research: Accountable for regularly monitoring the security community for, and researching, the latest forensic methodologies. This work is concluded by sharing the information back to the team in the form of newly written tools and/or internal training sessions.  
  • Reporting: Accountable for preparing and delivering the highest quality security information that comprehensively and clearly explains risk, demonstrates findings, and offers tactical and strategic recommendations to both technical and non-technical internal clients.  
  • Ad Hoc Incidents: Accountable for working with security architects, the security operations center, incident responders, and technology infrastructure, and development teams as necessary.  
  • Metrics: Accountable for working with select team members to track, monitor, and report testing results in a meaningful way so that risk-based security metrics are delivered to the enterprise.  
  • Training: Attend training to stay current with technology and security trends.  

Bring your best! What this role needs:

  • Bachelor’s degree with an emphasis in Computer Science, Computer Engineering, Software Engineering, MIS or equivalent experience.  
  • One or more advanced security certifications (e.g. CISSP, CCSP, GCFE, GCIH). 
  • 4-5 years of professional experience.
  • Highly technical and analytical hands-on experience in prior professional, educational, or personal projects. 


Knowledge or skills and or abilities required to perform the job?  

  • Experience with common digital forensics tools. (EnCase, Axiom, etc.) 
  • Understanding of various attack methods and countermeasures.  
  • Understanding of various security logs. (Firewalls, proxies, active directory, etc.)  
  • Understanding of networking concepts such as DNS, IP, NAT, VLANs, subnetting, etc. 
  • Experience with both Windows and Linux operating systems. Including familiarity with the command line.  
  • Understanding of applicable frameworks including the “OWASP Top Ten” and MITRE ATT&CK.  
  • Understanding of the OSI Model, web and network protocols such as TCP, UDP and HTTP/S.  
  • Competency with one or more scripting/programming languages such as Python, JavaScript, Java, Ruby, Go, PowerShell, Bash, C#, C/C++, etc.  
  • Fundamental understanding of cryptography controls and underlying concepts to secure data.  
  • Fundamental knowledge of defense-in-depth design and operational concerns.  
  • Ability to independently identify and resolve issues through effective problem-solving skills.  
  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious, and adaptable.  
  • Ability to maintain and strengthen relationships; ability to effectively influence and negotiate with internal and external partners.  
  • Proven interpersonal savvy with demonstrated tact and diplomacy.  
  • Strong written and verbal communication skills with the ability to interpret and fully explain cybersecurity concepts as well as any recommended remediation to multiple knowledge levels. 

Preferred knowledge, skills, or abilities  

Experience with Amazon Web Services (AWS) and/or Microsoft Azure, preferably within an Agile/DevOps operating model. 

Leadership Responsibility  

Acts as a resource for colleagues with less experience; may lead small projects with manageable risks and resource requirements. 

What level of problem solving will the job perform?  

Solves complex problems; takes a new perspective on existing solutions; exercises judgment based on the analysis of multiple sources of information. 

What level of impact does the job have?  

Impacts a range of customer, operational, project or service activities within own team and other related teams; works within broad guidelines and policies. 

What level of interpersonal skills are required for the job?  

Explains difficult or sensitive information; works to build consensus. 

This job is not covered by the existing Collective Bargaining Agreement.

Required Certifications:

Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now! 

We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.


We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.