4 - 8 years
3 - 6 Lacs
Bengaluru
Work from Office
Description Primary Skills: Threat Detection and Analysis, Log and SIEM Analysis, Digital Forensics. Secondary Skills: Malware Analysis and Reverse Engineering, Network and Endpoint Security. Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade C Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility Yes Global Role Family To be defined Local Role Name To be defined Local Skills Threat Detection and Analysis; digital forensics Languages Required ENGLISH Role Rarity To Be Defined
Posted 2 months ago
2 - 6 years
2 - 5 Lacs
Bengaluru
Work from Office
Description Primary Skills: Threat Detection and Analysis, Log and SIEM Analysis, Digital Forensics. Secondary Skills: Malware Analysis and Reverse Engineering, Network and Endpoint Security, Scripting and Automation. Certifications: NA Location: Bangalore/Gurgaon Responsibilities Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade C Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility Yes Global Role Family To be defined Local Role Name To be defined Local Skills Threat Detection and Analysis; digital forensics Languages Required ENGLISH Role Rarity To Be Defined
Posted 2 months ago
5 - 10 years
20 - 35 Lacs
Mumbai Suburbs, Greater Noida, Hyderabad
Work from Office
EC-Council is the world's largest cyber security technical certification body. We operate in 145 countries globally and we are the owner and developer of various world-famous cyber security programs. We are proud to have trained and certified over 220,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide. Job Description: OT SOC Specialist Position Title: OT SOC Specialist Department: Security Operations Center (SOC) Position Overview: We are seeking a skilled and motivated OT SOC Specialist to join our team and take responsibility for monitoring, analyzing, and defending our Operational Technology (OT) environment from cyber threats. The ideal candidate will have experience in industrial control systems (ICS), SCADA systems, and a deep understanding of the unique cybersecurity challenges associated with OT. This role involves proactive threat detection, incident response, and collaboration with both IT and OT teams to ensure the security and integrity of critical infrastructure. Key Responsibilities: Monitoring & Detection: Continuously monitor OT networks, systems, and devices for security threats and vulnerabilities using specialized tools and methodologies tailored for industrial control systems (ICS). Analyze network traffic, system logs, and data from OT devices to detect anomalies, potential threats, and security incidents. Utilize OT-specific threat intelligence feeds, SIEM (Security Information and Event Management), and other monitoring tools to identify cyber risks in real-time. Incident Response & Mitigation: Lead or assist in the investigation and remediation of security incidents involving OT systems. Collaborate with IT and OT teams to develop and implement containment strategies in response to security breaches. Conduct post-incident analysis to determine the root cause and recommend preventive measures to minimize future risks.
Vulnerability Management: Participate in regular vulnerability assessments of OT networks and systems to identify potential weaknesses. Work with the OT engineering and IT teams to patch or mitigate vulnerabilities in OT infrastructure. Maintain awareness of emerging threats and vulnerabilities in OT devices and software (e.g., PLCs, RTUs, SCADA). Collaboration & Communication: Collaborate with OT engineers, IT cybersecurity teams, and other stakeholders to improve security posture and align OT-specific security initiatives with overall enterprise security strategies. Provide technical expertise and guidance on OT security best practices, threat landscape, and emerging technologies. Report and escalate security incidents to senior management, ensuring clear and concise communication. Security Hardening & Best Practices: Assist in the development and implementation of OT security policies, standards, and procedures. Promote the adoption of best practices for securing OT systems, such as network segmentation, access control, and regular auditing. Provide training and awareness sessions for OT and IT staff on cybersecurity best practices for industrial control systems. Compliance & Documentation: Ensure compliance with relevant regulatory frameworks, industry standards (e.g., NIST, IEC 62443, NERC CIP), and internal security policies. Maintain accurate documentation of security incidents, analysis, response actions, and lessons learned. Participate in audits and assessments to ensure the OT environment meets all required security standards. Continuous Improvement: Stay up to date with the latest OT cybersecurity threats, trends, and technologies. Contribute to the continuous improvement of OT security processes and procedures. Participate in simulated attack scenarios (e.g., red teaming, penetration testing) to evaluate the resilience of OT systems.
Qualifications & Requirements: Education: Bachelor's degree in Cybersecurity, Information Technology, Industrial Engineering, or related field. Industry certifications (e.g., CISSP, CISM, GIAC GICSP, CompTIA Security+, ISA/IEC 62443) are preferred. Experience: 5+ years of experience in cybersecurity, with at least 2 years focused on Operational Technology (OT) security or Industrial Control Systems (ICS) security. Familiarity with OT/ICS systems such as SCADA, PLCs, RTUs, DCS, and other industrial automation technologies. Experience with OT security tools, SIEM systems, network monitoring tools, and vulnerability management solutions. Hands-on experience with incident detection, analysis, and response in OT environments. Technical Skills: Strong understanding of networking protocols (Modbus, OPC, BACnet, DNP3, etc.) used in OT environments. Proficiency in using SIEM platforms (e.g., Splunk, IBM QRadar), IDS/IPS, firewalls, and endpoint protection tools. Experience with OT-specific security technologies such as firewalls designed for ICS, intrusion detection systems, and industrial network segmentation. Understanding of risk management frameworks, security controls, and regulatory requirements related to OT (e.g., NIST, IEC 62443, NERC CIP). Knowledge of cybersecurity tools and methodologies, including vulnerability scanning, patch management, and endpoint detection. Desirable Attributes: Experience with threat intelligence platforms and analysis. Knowledge of digital forensics techniques and evidence handling. Familiarity with cloud-based OT/ICS systems or hybrid environments. Experience with incident management frameworks such as NIST or ISO 27001. Additional Information We are an equal opportunity workplace and are an affirmative action employer. 
We are always committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status and we do not discriminate based on such characteristics, or any other status protected by the laws or regulations in the locations where we work. This job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. EC-Council is committed to working with and providing reasonable accommodation to individuals with disabilities. If you have a medical condition or disability which inhibits your ability to complete any part of the application process and need a reasonable accommodation to complete the process, please contact us at ecchr@eccouncil.org and let us know how we may assist you. This notice together with our Privacy Policy and Terms of Use of this website and any other documents we mention here are meant to inform you on what personal data about you we collect, use, disclose, share, or otherwise process when you are applying for a job at EC-Council or when EC-Council contacts you for recruitment purposes. Please read carefully to understand our views and practices on how we protect your personal data - Privacy Policy | EC-Council (eccouncil.org).
Posted 2 months ago
2 - 5 years
4 - 7 Lacs
Bengaluru
Work from Office
Required Skills Technology | Sentinel SIEM Tool Administrator | Level 2 Support Technology | Securonix SIEM Tools Administrator | Level 2 Support Education Qualification: B.Sc Certification Mandatory / Desirable: Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals / CISSP/CISM/CEH/GIAC Certified Incident Handler/Certified SOC Analyst (CSA)/CompTIA Cybersecurity Analyst (CySA+)/Cisco Certified CyberOps Associate Delivery Skills required are: - Technical Skills: - *Identifying and analyzing potential threats and vulnerabilities using various tools and techniques. *Leading and managing the response to security incidents, including containment, eradication, and recovery. *Implementing and maintaining security monitoring systems, such as SIEM (Security Information and Event Management) tools. *Prioritizing and remediating vulnerabilities based on risk assessments. Operational Skills: - *Developing, implementing, and enforcing security policies, standards, and procedures. *Managing and maintaining secure configurations for systems, networks, and applications. *Overseeing the timely application of security patches and updates to systems and software. Analytical Skills: - *Analyzing logs and event data from various sources to identify patterns and anomalies. *Utilizing advanced analytics to detect and investigate security incidents. *Conducting digital forensics investigations to uncover evidence of security breaches. Collaboration and Teamwork: - *Collaborating with other IT and security teams to enhance the organization's security posture. *Coordinating response efforts during security incidents with internal and external stakeholders. *Leading incident response teams and ensuring effective communication and collaboration.
Posted 2 months ago
5 - 8 years
5 - 9 Lacs
Bengaluru
Work from Office
Primary Skills
- Strong hands-on experience with Microsoft Defender (Endpoint, Identity, Cloud, Office 365).
- Expertise in Microsoft Sentinel (SIEM/SOAR), including rule creation and automation.
- Proficiency in digital forensics and incident response (DFIR).
- Knowledge of Windows, Linux, and cloud security (Azure, AWS, etc.).
- Experience with MITRE ATT&CK framework, threat intelligence, and malware analysis.
- Familiarity with scripting (PowerShell, Python) for automation and threat hunting.
- Strong analytical and problem-solving skills with an investigative mindset.
- Security certifications such as GCFA, GCIH, CEH, or Microsoft Security Certifications are a plus.
Posted 2 months ago
2 - 5 years
6 - 10 Lacs
Bengaluru
Work from Office
Title: DFIR Analyst (Associate Consultant/Specialist) Location: Bangalore, Karnataka, India Job Experience: 2-5 years Job Type: Full-Time Job Description: We are seeking a skilled DFIR Analyst with 2-5 years of experience to join our team. The successful candidate will be responsible for conducting digital forensic investigations, responding to security incidents, and supporting R&D activities. The candidate will work closely with other security professionals and stakeholders to identify, investigate, and remediate security incidents, as well as to enhance the organization's overall security posture. Key Responsibilities: Conduct digital forensic investigations to identify, collect, and analyze electronic data from various sources, such as workstations, laptops, and servers. Conduct incident response activities to detect, contain, and remediate security incidents, such as malware infections, data breaches, and other cyberattacks. Conduct forensic investigations of all major operating systems such as Windows, Linux, Mac OS, etc. Perform forensic analysis of system and application logs, web application logs, network traffic, and other digital artifacts to identify and track attacker activity. Collaborate with other security professionals and stakeholders to develop incident response plans and procedures. Provide technical expertise and guidance to stakeholders during incident response and forensic investigations. Develop and maintain detailed documentation of incident response and forensic investigation procedures, including reports, analyses, and recommendations for remediation and prevention. Stay up to date on industry trends and emerging technologies related to digital forensics and incident response. Possess strong R&D skills and ability to self-learn. Be flexible and available to work extended hours and weekends when necessary. Requirements: Bachelor's/master's degree in digital forensics or relevant field.
2-5 years of experience in digital forensics and incident response. Strong technical knowledge of digital forensics tools, techniques, and methodologies. Experience with incident response procedures, including detection, analysis, containment, and remediation. Experience with forensic analysis of system and application logs, web application logs, network traffic, and other digital artifacts. Strong analytical and problem-solving skills. Strong written and verbal communication skills. Flexibility to work extended hours and weekends when necessary.
Posted 2 months ago
0 - 1 years
1 - 3 Lacs
Chennai
Work from Office
This is a full-time role for an Assistant Professor in the field of Information Security and Digital Forensics. The faculty will be responsible for teaching, mentoring students, and conducting research in the field of Information Security and Digital Forensics. The role will involve designing and delivering lectures, developing curriculum, supervising projects, and providing guidance to students. Mentoring and advising students, supervising research projects, thesis, or dissertations at the undergraduate or graduate level. Conduct workshops and weekly programs in information security and digital forensics for students in HQ. Staying updated with the latest technological trends, tools and software, such as FTK, EnCase, Cellebrite, XRY, VA/PT and Information Security Auditing. Pursuing personal research or professional growth in the field. Please Note: Only Post Graduates Applications are accepted.
Posted 2 months ago
1 - 3 years
4 - 6 Lacs
Bengaluru
Work from Office
Responsibilities: Cybersecurity Engineer. Immediate to 15 days. Work on Threat mitigation, Threat Intelligence, Intrusion Prevention, Digital forensics, incident response, and threat analysis to mitigate cyber threats. Configured, and implemented operational support, troubleshooting for Firewall, IPS, and VPN devices, ensuring 99% uptime. Conducted security assessments & validations of Firewall, IPS, VPN, and networking devices, mitigating risks. Implemented and managed Endpoint Protection software for desktops and servers, for Business Continuity. Software & Tools: Nessus, Wireshark, NMAP, OpenVAS, OWASP, Burp Suite, Tripwire, EnCase, UFED, AccessData Forensic Toolkit (FTK 6.4), F.R.E.D., Axiom, Media Clone, Solo-4 and Oxygen Forensic Investigator, Postman.
Posted 3 months ago
5 - 8 years
10 - 20 Lacs
Bengaluru
Work from Office
Experience in digital forensic investigations, incident response, forensic tools such as EnCase, FTK, X1, or similar software for data recovery and analysis, CCFE, CFCE, GCFA, Windows, Mac, tabs, iPhones
Posted 3 months ago
4 - 9 years
5 - 11 Lacs
Bengaluru
Work from Office
Position Title: Security Engineer Organization /Function: Perform operational and project tasks during work shifts and guide peers and junior IT specialists Years of experience 4 to 6 years Relevant Experience: 4-6 years of experience. 2+ years of experience in Information Security, Security monitoring and incident response Educational Qualification: BE/B.Tech/ME/M.Tech/Graduate/Master/Diploma in any stream with excellent academic record Company Overview: Stratogent does IT and Cybersecurity operations. We build and operate complex infrastructure across on-premise, data centers, and clouds. We wrap any compute-storage-network platform with monitoring, automation and security services so customers can sleep while we cure failures and block threats. If Google’s mission is to “organize the world’s information”, ours is to “operate the world’s infrastructure”. We aren’t quite there yet, so we focus on being the best at knowing and doing operations for mid-size, high-touch and high-change IT environments. Our customer base is made up of progressive companies who are flag bearers of new technology adoption and are risk-takers. We have participated in successful (and failed) projects and bring that accumulated experience to each of our clients. Since 2008, we have acted as an extension of internal IT and Security teams and along the way achieved a community of highly satisfied clients who rave about our “no-fluff just stuff” style. 
Job description: The primary responsibility is to work on the existing or new Incidents, Service requests and Tasks. Escalation point for L1 and triage the unresolved incidents or requests. Business Relationships: Constantly communicates with associates and customers. Key Responsibilities: Analyze & Investigate cyber threats on a real-time/day-to-day basis, involving alerts review, log analysis, and event/incident correlations. Evaluate the current Security Infrastructure for best practices, and recommend changes to enhance security and reduce risks. Develops security strategy plan and roadmaps based on the recommended practices. Meeting clients to discuss security strategies, provide information, and explain the design system. Run risks assessments and tests; prepare a plan to mitigate the potential risks. Frequent interaction with customers for risks mitigation, corrective action, and Root Cause Analysis. Escalate to L3 for any operations issues and security incidents that cannot be resolved at his level. Perform preliminary security breaches investigation, perform forensic analysis and prevent them in the future. Prepare Documents and Maintain Procedures, Response Plan, Runbooks, and associated processes for continuous improvement. Review/Configure preventive rules on EDR, Spam filters, and other security tools. Continuous Vulnerability Management & Policy Management with SIEM and Vulnerability Assessment tools. Perform Validation of the exclusions from remediation of vulnerabilities based on the customer requirements. Create Vulnerability Management dashboards and prepare trending reports. Configure threat intelligence data feeds to provide identification of additional phishing/malware instances. Regularly review and recommend changes to policies or controls as needed to enhance security. Train and mentor the peers and juniors in the team.
Must-have Skills: Prior working experience Performing incident handling, evidence acquisition, digital forensics, endpoint and Network, and Cyber security incident management. Experience with investigating technologies such as log analysis, Malware analysis, Network, and Host forensics, Endpoint detection and response, SIEM, etc. Good to have skills: Prior working experience. Experience on other vulnerability Management tools such as Qualys, Rapid7 & Tenable is desirable. Candidate working with Managed Services/IT Services company is preferred, and a background in dealing with global teams and remote teams will be a strong plus. Any one of the Certifications: CompTIA Security+. Core Competencies: Communication skills – excellent Written, Reading Comprehension, listening and Verbal communication. Creativity/Innovation: Generates many new and unique ideas; makes connections among previously unrelated notions; is unafraid to use unorthodox methods; is seen as original and value-added in brainstorming settings. Intellectual Acumen: Intelligent and capable to deal with concepts and complexity comfortably, good at learning and deciphering new knowledge, able to assimilate new skills independently. Flexibility: The ability to adapt to and work effectively with a variety of situations, individuals, or groups. It is the ability to understand and appreciate different and opposing perspectives on an issue, to adapt and approach as the requirements of a situation change, and to change or easily accept changes in one's own organization or job requirements. Teamwork: A genuine intention to work cooperatively with others, to be part of a team, to work together as opposed to working separately or competitively. Encourages and facilitates cooperation, pride, trust, and group identity; fosters commitment and team spirit; works with others to achieve goals.
Posted 3 months ago
6 - 10 years
11 - 16 Lacs
Bengaluru
Work from Office
Given the breadth and complexity of the hundreds of products and services developed and provided by Oracle, there are many vastly different attributes (including education, skills, knowledge, experience, and abilities) required for specific roles within this job code. Consult with your manager about the specific expectations for your role and career progression within your organization. Description Manage a team that is responsible for the information security function, including but not limited to information technology security controls and architecture, information privacy, incident response/investigations and digital forensics, disaster recovery and business continuity, regulatory compliance, communication and training for information security initiatives. Responsibilities Leads a small team maintaining and/or implementing information security policies and procedures. Supervises the development, deployment and execution of controls and defenses to ensure the security and risk mitigation of company infrastructure technology and information systems. Identifies security architecture, goals, objectives and metrics; analyzes business needs and priorities for protection of critical systems. Monitor security programs and assurance, e.g. threat and vulnerabilities management, incident response management, management of forensic investigations. Evaluates potential business impacts from security breaches and provides guidance to business decision-makers. Assists with the development and execution of security systems compliance policies and procedures. Selects, develops and evaluates personnel to ensure the efficient operation of the function. Qualifications Minimum 6-10+ years experience in the Information Security field required. Preferred but not required qualifications include: Bachelor-level university degree in a relevant field from an accredited university, or equivalent. Previous experience as dotted line manager, vendor manager, employee mentor or technical lead. 
Preferred Certifications: CISSP, CISM, CEH, etc Career Level - M3 Manages a team maintaining and/or implementing information security policies and procedures. Manages the development, deployment and execution of controls and defenses to ensure the security and risk mitigation of company infrastructure technology and information systems. Identifies security architecture, goals, objectives and metrics; analyzes business needs and priorities for protection of critical systems. Manage security programs and assurance, e.g. threat and vulnerabilities management, incident response management, management of forensic investigations. Evaluates potential business impacts from security breaches and provides guidance to business decision-makers.
Posted 3 months ago
7 - 12 years
10 - 20 Lacs
Pune, Bengaluru, Hyderabad
Hybrid
Job Description: Cyber Threat Intelligence. Operating System: Understanding of how different systems work, especially Windows, Linux, macOS. Programming Languages: Java, Python (Basic Understanding needed). Malware Analysis Techniques: Static & Dynamic analysis, code analysis, behavioral analysis, forensic analysis. Malware Analysis Tools: Need to have proficiency in using various malware analysis tools. Static Analysis: CFF Explorer, PEiD, PEStudio, Strings, FLOSS, ExeInfo PE, SSDEEP. Dynamic Analysis Tools: Process Monitor, Process, Process Hacker, Sysmon, Autoruns, Regshot. Reverse Engineering Tools: IDA Pro, Ghidra. Analysing Suspicious Files / Sandboxing by using: VirusTotal, Hybrid Analysis, Cuckoo, ANY.RUN, Intezer, Joe Sandbox. Network Tool: Wireshark, InetSim. Malware Mitigation strategies: Have knowledge of various malware mitigation strategies such as prevention, detection, removal, recovery and response. Good understanding of MITRE framework (TTP, IOC, Threat Actor), Cyber kill chain, Dark web Analysis. Should be able to set up the malware analysis lab with minimum support. Threat Analysis: Analyze threat data from various sources to identify trends, tactics, techniques, and procedures (TTPs) used by cyber adversaries. Incident Response: Collaborate with the incident response team to provide intelligence support during security incidents. Reporting: Prepare and present intelligence reports to stakeholders, highlighting significant threats and recommended actions. Research: Conduct research on emerging threats, vulnerabilities, and security trends to inform strategic decisions. Collaboration: Work with internal teams and external partners to share intelligence and improve threat detection capabilities.
Tool Utilization: Use threat intelligence platforms and tools to gather, analyze, and disseminate threat information: MISP, ThreatConnect, Cyble, Anomali. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or GIAC Cyber Threat Intelligence (GCTI) are preferred. Apply here: https://career.infosys.com/jobdesc?jobReferenceCode=INFSYS-EXTERNAL-200743
Posted 3 months ago