Senior Digital Forensics and Incident Response Consultant

October 20, 2024

Apply Now

Receive Emails with Similar Jobs

CYPFER

WebsiteLinkedInAll Job Openings

CYPFER is a global leader in cyber-attack incident response and ransomware post-breach recovery. The company provides a comprehensive range of cybersecurity services, including incident response, ransomware recovery, digital forensics, and cyber risk management. It offers services such as business email compromise resolution, cloud and web application investigations, dark web monitoring, and advisory. CYPFER is known for its rapid deployment of in-house specialists, providing 24/7 global support to ensure businesses stay secure and resilient against cyber threats. With a focus on integrating seamlessly with clients' operations, CYPFER is dedicated to offering unmatched care and commitment to cybersecurity.

Information Security • Cyber Security • Managed Security Services • SIEM • Digital Forensics and Incidence Response

51 - 200 employees

🔒 Cybersecurity

📋 Description

• Engage on behalf of CYPFER in incident response tasks, interacting with various insurance partners, legal counsel, incident response units, client executives, and technical teams. • Utilize standard tools and methodologies to collect forensic artifacts and images from affected systems. • Perform Windows/Unix/Linux forensics and triage, and network forensics to assess compromise and investigations. • Skilled in malware analysis tools and methodologies. • Apply mitigation strategies and concepts to remediate identified threats. • Analyze triage collections/artifacts for indicators of compromise (IoCs) and potentially malicious activity. • Review logs from host systems and appliances to identify suspicious activities. • Collect forensic disk and memory images from physical and virtual endpoints and servers. • Perform forensic analysis of physical systems, virtual machines, and network data. • Understanding of an incident lifecycle and cyber-kill-chain. • Familiarity with exfiltration techniques used by threat actors. • Correlate events and build timelines of events. • Maintain current knowledge on emerging threats and vulnerabilities. • Analyze files for IOCs using various techniques. • Conduct limited threat research based on IOCs collected during investigations. • Understand obfuscation techniques used to conceal malicious commands and traffic, and lateral movement strategies employed by threat actors. • Collaborate and share information within and across teams and communicate effectively with client managers and executives. • Write detailed reports and summarize findings clearly and concisely. • Participate in a rotating on-call schedule; ability to work on weekends and outside normal business hours as needed. • This role is remote but requires the ability to travel on short notice to a client site up to 50%. • Must maintain flexibility to travel frequently within 24-48 hours' notice for deployments typically 1-2 weeks in duration.

🎯 Requirements

• 5+ years of experience in digital forensics, incident response, or a similar role. • Strong knowledge of Windows and Unix/Linux operating systems. • Expertise in threat hunting, network forensics, and EDR / EPP technologies. • Skilled in forensic acquisition and analysis of physical and virtual systems. • Advanced understanding of networking, routing, and firewall operations. • Working knowledge of storage technologies such as RAID, NAS, SAN, Fiber Channel, iSCSI, and NFS. • Ability to analyze and interpret logs from various sources. • Familiarity with SIEM and SOAR solutions. • Ability to perform threat research and analyze current threats. • Understanding of business email compromise (BEC) cases and investigation techniques.