Digital Forensics & Incident Response Expert

Key Responsibilities

Preparedness & Prevention

• Participate in tabletop exercises simulations and red/blue team activities.
• Recommend enhancements to security controls based on incident trends.
• Assist in vulnerability and risk assessments to strengthen overall cyber defenses.

Incident Detection & Response

• Monitor security alerts logs and threat intelligence feeds to identify potential incidents.
• Triage and classify security events based on severity and impact.
• Lead incident response actions including containment eradication and recovery.
• Coordinate with IT SOC and external partners to resolve security incidents efficiently.

Threat Analysis & Investigation

• Conduct deep-dive investigations using SIEM EDR and network analysis tools.
• Perform memory log malware and packet analysis when required.
• Identify root cause attack vectors and threat actor techniques (MITRE ATT&CK aligned).
• Document artifacts timelines and findings in a structured forensics workflow.

Digital Forensics

• Collect preserve and analyze digital evidence for internal investigations.
• Support legal compliance and HR teams during investigations when required.
• Maintain forensic toolsets imaging processes and chain-of-custody procedures.

Reporting & Communication

• Provide clear actionable incident reports for both technical and executive audiences.
• Communicate incident impact and remediation progress to stakeholders.
• Maintain accurate and detailed incident response documentation.

Qualifications :

Required Qualifications

• Bachelors degree in Cybersecurity Computer Science Information Technology or equivalent experience.
• 25 years of experience in incident response SOC analysis or digital forensics.
• Hands-on experience with SIEM EDR IDS/IPS network security tools and forensic toolsets.
• Strong understanding of:
  • TCP/IP networking fundamentals
  • Operating system internals (Windows Linux macOS)
  • Malware behaviors and intrusion techniques
  • MITRE ATT&CK framework
• Ability to work under pressure during high-severity incidents.

Preferred Qualifications

• Relevant certifications such as:
  • GCIH GCIA GCFA GREM
  • CEH CySA Security
  • OSCP OSDF or similar
• Experience with cloud platforms (AWS Azure GCP).
• Experience working in enterprise SOC environments.

Soft Skills

• Excellent analytical and problem-solving abilities.
• Strong communication and documentation skills.
• Ability to collaborate effectively with cross-functional teams.
• High attention to detail and strong situational awareness.

Additional Information :

What we offer:

• Work with customers from whole world.
• Work with cutting-edge security technologies.
• Opportunity to influence and improve the organizations security posture.
• Collaborative growth-focused team environment.
• Professional development support and certifications.
• Positive motivating international work environment.
• Hybrid work.
• Flexible working hours.
• Generous benefits package focused on physical and mental wellbeing (Multisport health insurances consulting sessions). 
• Pet-friendly office.
• Social events and team bonding gatherings.
• Compensation package consisted of base bonus and non-taxable parts competitive in the market.

Remote Work :

No

Employment Type :

Full-time