Digital Forensic Analyst

Job Description

Position - Digital Forensic Analyst Role Summary As an Incident Responder, you are expected to investigate computer-related crimes and cyber security incidents within an organization. You are expected to validate the incidents, identify the root cause, and contain and eradicate the incidents and their traits. You are expected to be proficient in a wide range of computer investigation and forensic tools. Engineering Graduate with 2+ years experience working in IT Security and relevant areas like Security Operations Center, Incident Response, Threat Intelligence, Digital Forensics, Malware Analysis, etc. Activities: The main responsibility of the Incident Responder is to use computer response and forensic tools to examine and analyze electronic media in suspected computer hacking cases, insider threats or malware incidents. Provide response to any IT Security threats, incidents, or cyber-attacks on your organization Provide support in incidence response, analysis, and reporting of cyber threats affecting organizational networks Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations Provide support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection) Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions To validate the actionable, malware, threat advisories, vendor security bulletins, threat intelligence information, etc., may need to be analyzed. Malware reverse engineering to identify IOC Tools such as Encase, FTK, and Autopsy. Infrastructure and network architecture security Basic programming skills - Java, PHP, shell programming, C, etc. Requirements Engineering graduate with 2+ years of incident response and forensics experience. Knowledge of Forensic and eDiscovery tools such as EnCase, Autopsy, FTK, sysinternals, etc. Should have hands-on experience with utilizing SIEM/EDR/ such as QRadar etc. and help team in investigating security issues and/or complex operational issues Practical experience using computer operating systems such as MS Windows, UNIX, and Linux Detail analytical capabilities to identify. Defense evasion techniques - Malware defense evasion and detection Understanding core Windows processes Persistence - Malware persistence detection and analysis Finding and Analyzing Malicious WMI Event Consumers . A problem-solving mindset Working as part of a team, you need to be a good team player The ability to react quickly and efficiently under pressure Good communication skills as you will be reporting regularly to management and other stakeholders Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures Technical Incident Response Certification like CHFI, CEH, etc.