DFIR LEADER | DIGITAL FORENSICS AND INCIDENT RESPONSE LEADER | DIGITAL FORENSICS & INCIDENT RESPONSE MANAGER

25/11/2021

Roma

Job description

Techyon is the first Head Hunter which exclusively specializes in the search and selection of professionals and managers in the Information Technology field. Our Recruitment Engineers select the best IT profiles for prestigious IT consulting firms, banks, service companies, manufacturing groups, start-ups of excellence and digital DNA companies.

About the Company: for an innovative and digital reality, our Recruitment Engineers are looking for a Digital Forensics & Incident Response Leader (Rome).

Core responsibilities:
  • Lead local and remote live evidence extraction.
  • Lead network live evidence extraction.
  • Lead local dead evidence extraction.
  • Lead digital computer forensics investigations.
  • Lead digital network forensics investigations.
  • Lead mobile forensics investigations.
  • Lead the triage of malware samples to decide when to conduct deep malware analysis.
  • Lead malware analysis investigations.
  • Contribute to the incident response life cycle.
  • Contribute to threat hunting (TH) investigations.
  • Work closely with the other functional areas in the team.
  • Report conducted investigations to the SOC leader.
  • Operate, maintain, and enhance digital forensics tools for forensic artifact collection and analysis.
  • Mentor and coach DFIR L1 and L2 forensic investigators and malware analysts.

Job requirements

Must have:
  • Local and remote live evidence extraction from Windows/Linux/macOS systems.
  • Local evidence extraction from mobile devices, both iOS and Android.
  • Network live evidence extraction.
  • Disk cloning, both hardware and software.
  • Evidence processing for creating timelines.
  • Analysis of Windows forensic artifacts, both memory and file system.
  • Analysis of Linux forensic artifacts, both memory and file system.
  • Analysis of macOS forensic artifacts, both memory and file system.
  • Analysis of mobile forensic artifacts, both iOS and Android.
  • Analysis of network forensic artifacts, both traffic flows and network security device logs.
  • Editing and creation of typical digital forensics tool enhancers (e.g. YARA rules, Sigma rules, KAPE targets and modules).
  • Automating forensic artifact collection with scripting languages (e.g. PowerShell).
  • Malware analysis capabilities.
  • IOC creation and sharing (e.g. MISP, OTX).
  • Written reporting.
  • Fluency in English.

Nice to have:
  • EC-Council Computer Hacking Forensic Investigator (CHFI);
  • SANS SEC402: Cybersecurity Writing: Hack the Reader;
  • SANS FOR498: Battlefield Forensics & Data Acquisition (GBFA);
  • SANS FOR500: Windows Forensic Analysis (GCFE);
  • SANS FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics (GCFA);
  • SANS FOR509: Cloud Forensics & Incident Response;
  • SANS FOR518: Mac and iOS Forensic Analysis and Incident Response (N/A certification);
  • SANS FOR526: Advanced Memory Forensics & Threat Detection (N/A certification);
  • SANS FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response (GNFA);
  • SANS FOR578: Cyber Threat Intelligence (GCTI);
  • SANS FOR585: Smartphone Forensic Analysis In-Depth (GASF);
  • SANS FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques;
  • (ISC)2 Certified Information Systems Security Professional (CISSP).

Other info

Location: Rome
