German Digital Forensics and Incident Response (DFIR) Consultant jobs in United States

CYPFER · 2 months ago

German Digital Forensics and Incident Response (DFIR) Consultant

CYPFER is a leading first-responder cybersecurity organization specializing in ransomware post-breach remediation and cyber-attack response. They are seeking a German Digital Forensics and Incident Response (DFIR) Consultant to engage in incident response tasks, collect forensic artifacts, and analyze threats to assist clients effectively following cyber incidents.

Cyber Security

Responsibilities

Engage on behalf of CYPFER in incident response tasks, interacting with various insurance partners, legal counsel, incident response units, client executives, and technical teams
Utilize standard tools and methodologies to collect forensic artifacts and images from affected systems
Assist with Windows forensics and triage to assess compromise and investigations
Familiarity with malware analysis tools and methodologies
Apply mitigation strategies and concepts to remediate identified threats
Analyze triage collections/artifacts for indicators of compromise (IOCs) and potentially malicious activity
Review logs from host systems and appliances to identify suspicious activities
Collect forensic disk and memory images from physical and virtual endpoints and servers
Understanding of an incident lifecycle and cyber-kill-chain
Correlate events and build timelines of events
Maintain current knowledge on emerging threats and vulnerabilities
Analyze files for IOCs using various techniques

Qualification

Digital forensics, Incident response, Windows forensics, EDR / EPP technologies, Forensic acquisition, Storage technologies, Threat research, Bilingual English, German, Customer service skills, Relationship management, High-quality deliverables, Emerging threats knowledge, Business email compromise, Obfuscation techniques, E-discovery tools, Mobile device analysis, Industry certifications, Communication skills

Required

Bilingual English and German
2+ years of experience in digital forensics, incident response, or a similar role
Knowledge of Windows and Unix/Linux operating systems
Understanding of the functionality of EDR / EPP technologies
Familiarity with forensic acquisition and analysis of physical and virtual systems
Working knowledge of storage technologies such as RAID, NAS, SAN, Fiber Channel, iSCSI, and NFS
Ability to analyze and interpret logs from various sources
Ability to perform threat research and analyze current threats
Understanding of business email compromise (BEC) cases and investigation techniques
Participate in a rotating on-call schedule; ability to work on weekends and outside normal business hours as needed
This role is remote but requires the ability to travel on short notice to a client site up to 50%. Must maintain flexibility to travel frequently within 24-48 hours' notice for deployments typically 1-2 weeks in duration
Maintain current knowledge of information security, incident response techniques, emerging threats, and tools
Work independently and produce high-quality deliverables with minimal supervision
Exhibit strong customer service and consulting skills
Adhere to client and internal policies, procedures, and security practices
Maintain detailed notes and draft updates and reports as required
Remain calm, composed, and articulate in tough customer situations
Exhibit excellent relationship management and communication skills

Preferred

Understand obfuscation techniques used to conceal malicious commands and traffic, and lateral movement strategies employed by threat actors
Familiarity with exfiltration techniques used by threat actors
Knowledge of SIEM and SOAR solutions
Experience with e-discovery tools and methodologies
Proficiency in collecting and analyzing data from mobile devices/cell phones
Industry certifications such as MCFE, ENCE, ACE, GCFA, GCIH, GNFA, GCFE or similar are a plus

Benefits

Medical benefits
Multiple bonus opportunities

Company

CYPFER

Global Cyber Certainty Champions, in an uncertain digital world.

Funding

Current Stage
Growth Stage

Leadership Team

Daniel Tobok
Chief Executive Officer
Alexander Gross
Chief Business Officer
Company data provided by crunchbase