Delhi, India
Not disclosed
On-site
Full Time
DFIR/SOC Analyst

· Expertise in Forensic Log Collection on Linux Machines
  • Proficient in acquiring system-level artifacts from Linux environments for digital forensic analysis.
  • Use of Unix-like artifact collectors and analysis tools such as UAC (Unix Artifact Collector), Log2Timeline, Volatility, FTK, EnCase and Eric Zimmerman's tools.

· Development of Customized Scripts
  • Tailoring the default UAC script to specific incident response or investigation use cases, including collection of application logs.
  • Performance tuning to minimize system impact during live data acquisition.
  • Custom scripts for parsing and pattern-based detection (Python, Bash, etc.).

· Strong Understanding of Telecom Components
  • Familiarity with core telecom infrastructure such as:
    • Signaling systems (SS7, SIP, Diameter)
    • Network elements (MME, PGW, SGW, SIGTRAN, SPF, AMF, UPF, MSC, HLR, VLR, UDC, GTP, etc.)

· Bulk Analysis of Collected Artifacts
  • Triaging and prioritizing systems based on severity and the presence of confirmed IOCs or TTPs.
  • Investigating a large number of systems in bulk using artifacts collected from Linux systems.
  • Leveraging automation and scripting (e.g., Python, Bash, YARA rules) to efficiently parse and analyze forensic data.
  • Identifying Indicators of Compromise (IOCs), suspicious behavior patterns and anomalies, including:
    • Suspicious behavior patterns such as lateral movement, privilege escalation and anomalous process execution.
    • Persistence mechanisms (e.g., rootkits, startup script modifications, backdoored binaries).
    • Timestamp tampering or time-skewing that indicates anti-forensic behavior.
  • Correlation of events across systems and timeframes to establish timelines and root causes.
  • Identification of unauthorized access, unauthorized configuration-related changes, malicious binaries, persistence, data exfiltration, etc.
  • Support in post-incident activities such as RCA sessions or tabletop exercises.
  • Validation of password reset activities.

· Documentation and Reporting
  • Compilation of forensic findings into a structured and comprehensive report, including:
    • Executive summary
    • Technical findings with evidence
    • Timeline of events
    • Mapping of detections to MITRE ATT&CK TTPs
    • Recommendations for remediation and mitigation
    • Detection use case recommendations based on the observed TTPs
  • Maintenance of internal documentation to support audit trails and reproducibility of analysis.

· Interpersonal Skills
  • Ability to communicate complex technical findings effectively to both technical and non-technical audiences.
  • Strong analytical and problem-solving skills, with attention to detail and accuracy.
  • Self-driven and able to work effectively in high-stress situations, handling multiple incidents simultaneously.
  • Demonstrated ability to work both independently and collaboratively within a team.
  • Flexible in shifts.
Delhi, India
Not disclosed
On-site
Full Time
5G Security Specialist

Role Summary: The 5G Security Specialist will focus on securing 5G infrastructure by ensuring robust architectural designs, developing security controls, and monitoring for 5G-specific threats. The role also involves addressing the unique security challenges posed by 5G technologies.

Job Description:
· Design, implementation and maintenance of security solutions for 5G networks.
· Designing a secure 5G network architecture that ensures the integrity of 5G infrastructure, including the RAN (Radio Access Network), Core Network and Transport Network.
· Conducting risk assessments and vulnerability analyses for 5G infrastructure.
· Monitoring and responding to security incidents in 5G networks in real time.
· Developing and enforcing security policies, standards and procedures for 5G networks.
· Collaborating with cross-functional teams to ensure secure deployment of 5G technologies.
· Staying updated on the latest 5G security threats, trends and mitigation strategies.
· Providing training and guidance to internal teams on 5G security best practices.
· Working with vendors and partners to ensure compliance with security standards.
· Preparing detailed reports and documentation on security assessments and incidents.
· Implementation of 5G security features such as encryption and authentication protocols at the subscriber, application and network layers.
· Implementation of security controls for network slicing, including secure isolation between slices serving different services and robust access control between 5G components.
· Deployment of 5G-specific intrusion detection/prevention systems (IDS/IPS) to monitor and detect threats in the 5G network, such as DDoS attacks, man-in-the-middle (MITM) attacks and vulnerabilities in the RAN.
· Security assessments of 5G core elements to identify vulnerabilities in protocols on the N2, N3 and N6 interfaces using penetration testing tools and custom scripts, following industry standards per GSMA/3GPP.
· Development of 5G-specific incident response plans, including automated network quarantine and isolation procedures for compromised devices or services in the 5G network.
· Conducting 5G vulnerability assessments and preparing risk mitigation plans.