Senior Specialist, eDiscovery & Digital Forensics

Bell Canada

Req Id: 336054

At Bell, we do more than build world-class networks, develop innovative services and create original multiplatform media content – we advance how Canadians connect with each other and the world.

If you’re ready to bring game-changing ideas to life and join a community that values, professional growth and employee wellness, we want you on the Bell team.

Corporate Services is at the centre of the action, providing the support that enables Bell’s industry leadership. Our Corporate Security & Responsibility, Communications, Human Resources, Procurement & Value Creation and Real Estate teams work collaboratively to drive our corporate strategy forward.

About the Role
Bell is currently seeking an experienced candidate for a position within the Information Security team.  Reporting to the Senior Manager – eDiscovery, Digital Forensics & Incident Response (DFIR), this person is tasked to assist with eDiscovery, Digital Forensics, and Incident Response activities for BCE and its subsidiaries.   The candidate should be an independent, critical thinker skilled in analyzing data while working effectively with other internal and external teams to conduct cyber investigations and respond to eDiscovery matters. The candidate must also be able to work in high pressure situations for extended periods of time as a core member of Bell’s Cyber Incident Response Team (CIRT). 


Key Responsibilities

  • Conduct PC, server, email, mobile device, RAM, Social Media and Cloud based forensic examinations including preservation, acquisition, and analysis of digital evidence
  • Conduct eDiscovery collections, manage and support Bell’s Relativity platform on behalf of Bell’s Legal and Investigative departments 
  • Investigate network and computer intrusions to identify root cause and generate indicators of compromise (IoC) in conjunction with Bell’s Cyber Threat Intelligence team
  • Generate high quality forensic reports and synopses presenting complex technical processes and findings clearly and concisely to technical and non-technical business unit managers
  • As part of Bell’s blue team, working in conjunction with Bell’s red team in exercises towards the common goal of continuing to improve security within BCE and its subsidiaries


Required Qualifications 

  • 5+ years of experience performing forensic acquisition and examination of Windows, Unix/Linux, and Macintosh-based PCs and servers and/or in eDiscovery processes and software
  • Understanding of multiple forensic platforms and tools – EnCase, Relativity, NUIX, Axiom, FTK, X-Ways Forensics, Volatility, Sleuthkit, BlackBag tools, and/or various Open Source forensic tools
  • Hands-on experience performing network traffic and/or log analysis
  • Working knowledge of computer/server virtualization/hardware (e.g. VMware, PCI, USB, Firewire)
  • Working knowledge of storage / file system configurations (i.e., SANs, RAIDs, SAS, SATA, NTFS, FAT32)


Desired Qualifications

  • Extensive knowledge of the Electronic Discovery Reference Model (EDRM)
  • Understanding of evidence handling and chain-of-custody procedures
  • Forensic lab management experience, including infrastructure (hardware and software), processes, procedures, and supporting documentation based on industry best practices
  • Basic Knowledge of SQL and regular expressions
  • Scripting in one or more of Perl, Python, PowerShell, BASH and/or Windows BATCH
  • Ability to write queries/rules in two or more of LUCENE, Kibana, Splunk, EnCase GREP, YARA


Certifications – Desired (any two or more of the following)

  • Forensic Examiner (e.g. EnCE, ACE, SANS)
  • Incident Handling and/or Response (e.g. SANS, CERT/CC)
  • Canadian Police College (e.g. Cyber Investigator)
  • NUIX Certification(s)
  • Magnet Certification(s)
  • Relativity Certification(s)
  • Certified eDiscovery Specialist (CEDS)
  • RAM analysis (e.g. Volatility)
  • Mobile analysis (e.g. Cellebrite, BlackBag, Oxygen, Paraben)


Other Important Skills

  • Strong sense of professionalism and ethics
  • Acts with very high degree of integrity
  • Communicates honestly and openly
  • Passionate about the importance of security, and want to partner with colleagues who need your expertise
  • Providing quality insights to senior stakeholders across the organization, sometimes on short-notice
  • Forward looking self-learner
  • Value truth, openness, and pursuing excellence
  • Ability to reliably and independently ensure things get done
  • Ability to give and receive open and direct feedback
  • Ability to set and manage expectations with senior stake-holders, clients and team members
  • Demonstrate logical argumentation, attention to detail, and critical thinking in documentation and verbal communications

This position requires eligibility to obtain Secret level II clearance (and may require TS+ in the future)







Bilingualism is an asset (English and French); adequate knowledge of French is required for positions in Quebec.


Additional Information:
Position Type: Management
Job Status: Regular - Full Time
Job Location: Canada : Ontario : Ottawa || Canada : Alberta : Calgary || Canada : Alberta : Edmonton || Canada : British Columbia : Vancouver || Canada : New Brunswick : Fredericton || Canada : New Brunswick : Moncton || Canada : Newfoundland : St. John's || Canada : Nova Scotia : Halifax || Canada : Ontario : Mississauga || Canada : Ontario : Toronto || Canada : Quebec : Montreal || Canada : Quebec : Verdun 

Flexible work profile: Mobile
Application Deadline: 01/16/2022 


Please apply directly online to be considered for this role. Applications through email will not be accepted.


At Bell, we don’t just accept difference - we celebrate it. We’re committed to fostering an inclusive, equitable, and accessible workplace where every team member feels valued, respected, and supported, and has the opportunity to reach their full potential. We welcome and encourage applications from people with disabilities.


Accommodations are available on request for candidates taking part in all aspects of the selection process. For a confidential inquiry, simply email your recruiter directly or to make arrangements. If you have questions regarding accessible employment at Bell please email our Diversity & Inclusion Team at


Created: Canada , ON , Ottawa

Additional Info

Job Type : Full-Time

Education Level : ""

Experience Level : Mid to Senior Level

Work Location Type : Remote

Powered By GrowthZone