CYPFER · 2 months ago
German Senior Digital Forensics and Incident Response (DFIR) Consultant
CYPFER is a leading first-responder cybersecurity organization enabling clients to swiftly and effectively return to business following a cyber-attack. In this role, you'll lead complex investigations, conduct forensic analyses across various platforms, and develop strategic incident response plans while collaborating with a diverse client base.
Cyber Security
Responsibilities
Engage on behalf of CYPFER in incident response tasks, interacting with various insurance partners, legal counsel, incident response units, client executives, and technical teams
Utilize standard tools and methodologies to collect forensic artifacts and images from affected systems
Perform Windows/Unix/Linux host forensics and triage, and network forensics, to assess the scope of a compromise and support investigations
Skilled in malware analysis tools and methodologies
Apply mitigation strategies and concepts to remediate identified threats
Analyze triage collections/artifacts for indicators of compromise (IoCs) and potentially malicious activity
Review logs from host systems and appliances to identify suspicious activities
Collect forensic disk and memory images from physical and virtual endpoints and servers
Perform forensic analysis of physical systems, virtual machines, and network data
Understanding of an incident lifecycle and cyber-kill-chain
Familiarity with exfiltration techniques used by threat actors
Correlate events across hosts and log sources and build incident timelines
Maintain current knowledge on emerging threats and vulnerabilities
Analyze files for IoCs using various techniques
Conduct limited threat research based on IoCs collected during investigations
Understand obfuscation techniques used to conceal malicious commands and traffic, and lateral movement strategies employed by threat actors
Collaborate and share information within and across teams and communicate effectively with client managers and executives
Write detailed reports and summarize findings clearly and concisely
Participate in a rotating on-call schedule; ability to work on weekends and outside normal business hours as needed
This role is remote but requires the ability to travel on short notice to a client site up to 50%. Must maintain flexibility to travel frequently within 24-48 hours' notice for deployments typically 1-2 weeks in duration
Qualifications
Required
5+ years of experience in digital forensics, incident response, or a similar role
Strong knowledge of Windows and Unix/Linux operating systems
Expertise in threat hunting, network forensics, and EDR / EPP technologies
Skilled in forensic acquisition and analysis of physical and virtual systems
Advanced understanding of networking, routing, and firewall operations
Working knowledge of storage technologies such as RAID, NAS, SAN, Fibre Channel, iSCSI, and NFS
Ability to analyze and interpret logs from various sources
Familiarity with SIEM and SOAR solutions
Ability to perform threat research and analyze current threats
Understanding of business email compromise (BEC) cases and investigation techniques
Fully Bilingual (English/German)
Maintain current knowledge of information security, incident response techniques, emerging threats, and tools
Work independently and produce high-quality deliverables with minimal supervision
Exhibit strong customer service and consulting skills
Adhere to client and internal policies, procedures, and security practices
Maintain detailed notes and draft updates and reports as required
Remain calm, composed, and articulate in tough customer situations
Exhibit excellent relationship management and communication skills
Preferred
Experience with e-discovery tools and methodologies
Proficiency in collecting and analyzing data from mobile devices/cell phones
Industry certifications such as MCFE, EnCE, ACE, GCFA, GCIH, GNFA, GCFE or similar are a plus