5 Dfir Jobs

As a Consultant working in a hybrid work mode with a shift from 1 PM to 10 PM, you will be responsible for various Cyber Security auditing tasks in locations like Bangalore, Pune, Noida, and Gurgaon. Your duties will involve understanding engagement objectives, preparing audit plans, and testing procedures to meet review objectives. You will gather detailed insights into IT and business processes, systems, and controls, and lead risk assessments and evaluations. Additionally, you will identify opportunities to leverage data analytics, track project status, and ensure high-quality work paper documentation according to client standards. You will drive discussions on audit findings with the team and management, formulate risk assessments on complex systems, and create Business Impact Analysis, Risk Assessment, and Corrective Action Plan documentation. Developing recommendations to enhance security posture and communicating these recommendations to stakeholders will be part of your responsibilities. You will also identify security deficiencies and vulnerabilities, participate in organizational projects, and contribute to the development of information security policies, standards, and procedures. Desired Qualifications: - Bachelor's degree in Computer Science, Engineering, Cyber Security, or related field - Cyber security certifications (CISSP, CISM, Security+, CEH, Azure Security Engineer, CSFA) - CISA certification required or willingness to obtain within 3 months of employment - 5+ years of experience in Cyber Security field - 2+ years of IT systems audit experience - Experience in Identity and Access Management, Infrastructure Security, Application Security, Data Governance, Cloud Security, and Third-Party Risk Management - Familiarity with standards and regulations such as PCI, SOX, ISO, NIST CSF, NIST 800-53, NIST RMF, PII, CCPA, COPPA, HIPAA, VCDPA, etc. - Proficiency in MS Office, Teams, and working knowledge of standard computer software - Ability to work in a fast-paced environment with attention to detail - Strong verbal and written communication skills, especially in explaining complex topics - Experience in regulated industries and familiarity with technology standards and compliance frameworks Bonus Points for: - ITIL Certification - Threat Hunting and DFIR experience - Security experience in GCP, Azure, and AWS - Knowledge of Zero Trust architectures and data analytics implementation - Penetration testing experience and expertise in multiple cyber security domains - Familiarity with network protection approaches and technologies,

Role & responsibilities Incident Management: Lead the end-to-end incident response lifecycle, including detection, analysis, containment, eradication, and recovery. Threat Investigation: Analyze and investigate a variety of attack vectors, such as: Identity attacks include credential abuse, privilege escalation, and MFA bypass. Web Attacks: SQL injection, cross-site scripting (XSS), remote code execution. Network Attacks: DDoS, lateral movement, traffic manipulation. Cloud Threats: IAM misconfigurations, exposed services, container security vulnerabilities. Collaboration & Coordination: Work closely with SOC analysts, threat intelligence teams, forensics, and engineering groups during and after security incidents. Root Cause Analysis: Conduct comprehensive investigations to determine the root cause of incidents and provide actionable remediation recommendations. Preferred candidate profile A minimum of 5 years of hands-on experience in cybersecurity incident response or security operations. Proven expertise in investigating and mitigating incidents across one or more areas: identity, web, network, or cloud. Proficiency with SIEM, EDR, and SOAR tools (e.g., Splunk, Sentinel, CrowdStrike). Experience in hybrid or cloud-first environments (AWS, Azure, or GCP). Strong understanding of frameworks and methodologies such as MITRE ATT&CK, the cyber kill chain, and threat modeling.

About The Role Exciting opportunity for an experienced Security Incident Responder to join our IT Security team in Pune. Take a key role in driving success by enabling a seamless, global security incident response capability. This is a full-time, on-site position based in our Baner office. About You You have a curious mindset and are highly passionate about security engineering and the evolving role of AI in this domain. You also have: - Experience between 2 to 5 years working as a SOC Analyst, Incident Responder or Detection Engineer. - Knowledge applications of security frameworks DFIR, Cyber Kill Chain, MITRE ATT&CK. - Confidence and the ability to remain calm under pressure. It would be beneficial if you possess: - Understanding of software development practices, DevSecOps, enterprise security tools. - Knowledge Artificial Intelligence utilization within the Incident management process. - Awareness of regulatory environment and requirements (e.g. GDPR) - Experience securing cloud-based services (preferably hosted in AWS or Microsoft Azure cloud environments), combined with insight into vulnerability management and scanning tools. - Knowledge of techniques to tune SIEMs, threat hunting, and implementing security best practices. - Security qualifications e.g. GIAC Certifications, AWS, Azure, CEH, OSCP. Key Responsibilities - Act as Incident Commander, coordinating security incident response across teams and time zones, ensuring seamless handoffs. - Collaborate with in-house analysts and MDR partners for timely detection, alerting, and monitoring of security events. - Manage and triage security alerts, document incidents, and maintain detailed reports. - Develop, maintain, and test Incident Response playbooks while driving process and capability improvements. - Design use cases for automation and AI to enhance incident management speed and efficiency. - Review and optimize security platform configurations, ensuring compliance, stability, and alignment with IT best practices. Benefits and Perks Join us for a rewarding career with competitive compensation, leave entitlements, health coverage, and financial security. Enjoy work-life balance, growth, and recognition for your exceptional performance. Our team will unveil the intricacies of our benefit package during the selection process. Company Overview Hansen Technologies (ASX: HSN) is a global software and services provider, serving energy, water/utilities, and telecommunications industries. With customers in 80+ countries, we foster collaboration across 36 global offices. From 5G advancements to renewable energy transitions, we empower customers to overcome challenges, innovate, and drive new business models.

Mandatory Skills: Cyber forensics, Memory analysis, Memory Forensics, Incident response, Digital Forensics, Strong communication skill (verbal and written), Working knowledge of Forensics tools including (but not limited to) FTK, Encase, Autopsy, Magnet Axiom, volatility, wireshark, Threat intelligence feeds, Cyber threat landscape and APT groups, SIEM (any), EDR (any), MITRE framework, Cyber kill chain framework. Qualifications: 2+yrs of working experience in the computer forensics, cybercrime investigations, and other related technical fields with a combination of both public and private sector experience preferred. Identify, contain, mitigate, recover, and report on cyber-security incidents affecting the enterprise and business. The ability to constantly develop new and grow existing skills relating to Digital Forensics, as well as computing and professional topics. Knowledge of computer forensic best practices and industry standard methodologies for investigating host-based and network analysis The knowledge, skills, and ability to preserve digital evidence from a variety of platforms in a forensically sound manner. Knowledge of and a proven ability to follow globally established standards in digital evidence acquisition and handling. Demonstrate an understanding of digital forensic tools and techniques used to support internal fraud and employee investigations. Serve as an initial point of escalation for suspected incidents and intrusions. Demonstrated capability with endpoint detection and live response tools. Knowledge of digital forensics on Microsoft Windows, Mac, and Linux based systems. Proficiency with DFIR related open-source tools, memory, and full disk analysis The ability to work independently or with a team during large scale forensic investigations Demonstrate an understanding of incident response forensics and root cause analysis. Experience preparing in-depth investigation reports into forensic investigations, breach reports, privacy incidents and data exposure type cases. The ability to constantly develop new and grow existing skills relating to Digital Forensics, as well as computing and professional topics. Strong attention to detail in conducting forensic analysis combined with an ability to accurately record full documentation in support of the investigation. Certifications: Desirable certifications include, (but not limited to) CHFI, CIH, CSA, CEH, GSEC, GCIH, GCIA, GCFE, GREM, GCFA.

We are seeking a Senior DFIR Analyst with experience in forensic investigation and incident response. The candidate should be able to handle cases end-to-end, including client communication, reporting, and leading the team of forensic analysts. The ideal candidate should have experience in forensic investigation of all major operating systems such as Windows Server, Linux, and Mac OS. The candidate would also be responsible to R&D activities to identify new tools and techniques for forensic analysis and incident response. Key Responsibilities: Handle digital forensic cases end to end, including acquisition of data, analysis of complex digital evidence, client communication, presentations and reporting. Conduct forensic investigations of all major operating systems such as Windows, Linux, Mac OS, etc. Conduct forensic analysis of system and application logs, web applications logs, network traffic, and other digital artifacts. Provide expert technical assistance to clients during investigations and incident response activities. Lead the team of forensic analysts in conducting investigations and incident response activities. Mentor and train junior analysts on DFIR techniques, tools, and best practices. Conduct R&D activities to identify new tools and techniques for forensic analysis and incident response. This includes staying up-to-date with industry trends and emerging technologies to continually enhance our forensic capabilities Document and present findings, including preparing detailed forensic analysis reports. Requirements: Bachelor/master's degree in digital Forensics, Computer Science, or a related field. 5-8 years of experience in digital forensics and incident response. Experience in leading a team of forensic analysts. In-depth knowledge of digital forensic tools and techniques. Excellent written and verbal communication skills. Ability to effectively communicate technical concepts to non-technical stakeholders. Ability to manage multiple cases simultaneously and provide timely updates and status reports. Ability to work independently and as part of a team. Experience with forensic analysis of system and application logs, web applications logs, network traffic, and other digital artifacts. Strong analytical and problem-solving skills. Excellent searching skills and self-learning. Preferred Qualifications: Relevant industry certifications such as AccessData Certified Examiner (ACE), EC-Council Certified Hacking Forensic Investigator (EC-CHFI), GCFA, GCFE, EnCE or other relevant certifications. Experience with programming languages for scripting/automation of tasks. Experience with reverse engineering and malware analysis. Strong analytical and problem-solving skills. Experience in R&D activities. Familiarity with legal and regulatory requirements related to digital forensics and incident response.