Job Description

Uncover the truth and protect organisations from cyber threats.

As a DFIR Specialist with our client, a global DFIR service provider, you will play a critical role in safeguarding organisations from cyberattacks. You'll be a detective on the digital frontier, meticulously investigating security incidents, analysing evidence, and piecing together the puzzle of how and why they occurred. Your findings will be instrumental in mitigating damage, bringing perpetrators to justice, and preventing future breaches.

Responsibilities:

  • Conduct in-depth forensic investigations of suspected cyberattacks, including data breaches, malware infections, and unauthorized access attempts.

  • Analyse digital evidence from various sources, such as computers, servers, network devices, and mobile phones, to identify the scope and timeline of the incident.

  • Collect and preserve evidence in a forensically sound manner, ensuring its admissibility in legal proceedings.

  • Utilize advanced forensic tools and techniques to extract and analyse data, including memory dumps, logs, and network traffic.

  • Generate comprehensive reports documenting the findings of the investigation, including the root cause of the incident, the impact on the organisation, and recommendations for remediation and prevention.

  • Collaborate with other security professionals, such as incident responders and threat intelligence analysts, to effectively contain and mitigate the incident.

  • Stay up-to-date on the latest cyber threats and attack vectors to continuously improve your investigative skills and effectiveness.

Qualifications:

  • Bachelor's degree in Computer Science, Information Security, or a related field.

  • Minimum of 2 years of experience in digital forensics or incident response.

  • Strong understanding of digital forensics principles and methodologies.

  • Proven ability to conduct thorough and meticulous investigations.

  • Excellent analytical and problem-solving skills.

  • Ability to work independently and as part of a team in a high-pressure environment.

  • Excellent written and verbal communication skills.

  • Strong attention to detail and ability to maintain accurate and detailed records.

  • Familiarity with forensic tools and techniques, such as FTK Imager, EnCase, and Autopsy.

  • Experience with incident response frameworks, such as NIST Cybersecurity Framework and SANS Incident Response.