DFIR

CYE's DFIR team is responsible for responding to our clients' cyber incidents and crises. Our group is expanding. If you see yourself in the front line of the cybersecurity domain as a data forensic and incident response (DFIR) talent, your place is with us. As a DFIR team member, you will participate in hands-on security research and investigations, helping our customers understand and mitigate cyber threats and attacks.  Responsibilities

Perform incident response lifecycle and real-time activities, including detection and analysis, containment and eradication, and recovery

Perform incident response in a cloud environment (Azure, AWS etc.).

Perform digital forensics investigations

Research and analyze tactics, techniques, and procedures (TTPs) used by malicious actors

Perform hunt-evil and find-evil activities for proactively detecting attacks

Work closely with our in-house red team, CTI, and cyber architect teams

Work closely with worldwide companies, CISOs, and technology experts

Qualifications

Must be based in the Central or Eastern regions of the US

1-2 years of experience as a DFIR team member

Experience with performing digital forensics in a cloud environment

Experience with performing digital forensics of Windows-based and/or Linux-based platforms, network forensics, and analysis

Thorough understanding of threat hunting models, as well as cyber threat intelligence, including TTP and IoCs extraction and mapping

Experience with research and data analysis of large DBs via Splunk, Elasticsearch, SQL, or VQL

Strong understanding of targeted attacks; able to create customized tactical remediation plans

Good written and verbal English communication skills