About the role

Senior Investigations Analyst conducting complex digital investigations and forensic analyses for Corebridge Financial. Leveraging advanced tools to uncover evidence and support legal processes in corporate investigations.

Responsibilities

Lead the collection and preservation of digital evidence (workstations, mobile, cloud, and server logs) ensuring strict adherence to forensic standards and chain-of-custody protocols.
Perform live and dead-box imaging of systems across diverse OS environments (Windows, macOS, Linux).
Utilize enterprise forensic tools to perform stealthy, remote data acquisitions without disrupting business operations.
Utilize forensic toolsets to ingest, process, and analyze multi-terabyte datasets.
Investigate system artifacts (e.g. Registry, MFT, Shellbags, LNK files) to reconstruct user activity and timeline events.
Perform file carving and unallocated space analysis to recover deleted or obscured evidence.
Conduct deep-dive analysis of PST/OST files and cloud-based mail (O365/Gmail) to identify evidence of data exfiltration or collusion.
Translate technical forensic findings into clear, "plain English" investigative reports suitable for legal proceedings or executive review.
Act as the technical liaison for Legal, HR, and Internal Audit teams to define the scope of investigations and provide status updates on high-sensitivity cases.
Refine forensic workflows and laboratory standards to ensure the team stays ahead of anti-forensic techniques.

4+ years of experience in digital forensics and/or corporate investigations.
Forensic Toolset Mastery: Axiom or Nuix (Highly Preferred)
Other Tools: Advanced experience with at least two of the following: EnCase, FTK, Autopsy or X-Ways Forensics.
Mobile Forensics: Experience with Cellebrite UFED or Magnet GrayKey.
DLP: Purview Technical Knowledge
Deep understanding of file systems (NTFS, APFS, Ext4), memory forensics (Volatility), and cloud-native logging (Azure Unified Audit Log, AWS CloudTrail).
Scripting (Plus): Basic ability to use Python or SQL to automate data parsing or query large investigative databases.
Tool-Specific: Nuix Workstation Forensic Practitioner, EnCE, or MCFE.
Vendor-Neutral: GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensic Analyst (GNFA), or Certified Fraud Examiner (CFE).

Health and Wellness: We offer a range of medical, dental and vision insurance plans, as well as mental health support and wellness initiatives to promote overall well-being.
Retirement Savings: We offer retirement benefits options, which vary by location. In the U.S., our competitive 401(k) Plan offers a generous dollar-for-dollar Company matching contribution of up to 6% of eligible pay and a Company contribution equal to 3% of eligible pay (subject to annual IRS limits and Plan terms). These Company contributions vest immediately.
Employee Assistance Program: Confidential counseling services and resources are available to all employees.
Matching charitable donations: Corebridge matches donations to tax-exempt organizations 1:1, up to $5,000.
Volunteer Time Off: Employees may use up to 16 volunteer hours annually to support activities that enhance and serve communities where employees live and work.
Paid Time Off: Eligible employees start off with at least 24 Paid Time Off (PTO) days so they can take time off for themselves and their families when they need it.