Responsibilities
What You'll Do
Conduct digital forensics analysis on diverse evidence types including disk, memory, network, and cloud artifacts.
Lead incident response initiatives to effectively contain, mitigate, and guide recovery efforts for security breaches.
Work closely with the SOC team to validate, escalate, and address identified threats.
Stay abreast of emerging threats, attack vectors, threat actors, and advancements in security technologies.
Develop and deploy detection rules, leveraging MDR solutions to identify and manage new threats.
Enhance the SOC team’s DFIR capabilities by creating and refining tools, scripts, correlation alerts, and automation.
Keep up to date with industry trends and research to continuously strengthen our security posture.
Partner with cross-functional teams to provide actionable insights and comprehensive incident reports.
2-3 years of experience in digital forensics and incident response within a SOC environment.
Proficiency with industry-standard forensic tools and platforms.
Hands-on experience with threat hunting tools and query languages/platforms such as ELK, Splunk, QRadar, KQL, SQL, etc.
Exceptional communication and interpersonal skills.
Fluency in English, both written and spoken, is essential.
A curious and innovative mindset with a strong passion for learning and tackling complex problems.
Proven problem-solving skills with the ability to perform effectively under pressure.
Capability to work both independently and collaboratively in a fast-paced, dynamic setting.
Experience in scripting with Python, PowerShell, C, or C#.
What You'll Bring (Advantage)
Knowledge of cloud services, Kubernetes, cloud architecture, and major cloud platforms (AWS, GCP, Azure).
Experience in malware analysis and reverse engineering.
Understanding of prominent threat actors and expertise in threat intelligence analysis.
Familiarity with MDR solutions like SentinelOne and CrowdStrike.
Relevant certifications (e.g., GCFE, GCFA, GCFR, GCTD, GCTI).