6 Network Forensics Jobs

JOB TITLE: Associate Director, Forensics JOB CODE: P19 Summary The Associate Director of Forensics manages and oversees all aspects of the Digital Forensics Incident Response (DFIR) engagements for multiple Tiger Teams, including the Tiger Teams performance, execution, delivery, quality control, and client development. Operating as an industry leader in Digital Forensics Incident Response, and a trusted advisor to the client and breach coach, the Forensic Associate Director helps to ensure 100% client success. The Associate Director, Forensics will provide breach coaches and Insurance Carriers with tailored detailed analysis through a narrative and story with reports summarizing how the unauthorized actor obtained access and identifying the potential root cause of the cyber intrusion. ROLES & RESPOSIBILITIES Provides forensic data and artifact collection requests needed for the forensic analysis and ensures the data is collected, delivered, and processed following the project timelines and deliverables Responsible for shadowing on scoping calls they are assigned to by the teams IR Ops Associated Responsible for listening to the scoping call to have situational awareness and case background from the start of every engagement, so they can drive the forensic investigation forward ensuring the right data is collected and analysis questions answered Supporting the Director, as a Forensic SME for all active forensic analysis for projects on their assigned Tiger Teams Responsible for maintaining target utilization for the assigned Tiger Teams from client billable work including forensic analysis, participating in client update or forensic scoping and update findings calls, client correspondence related to forensic analysis, data collection, or investigative questions verbally or in writing Manages and oversees the forensic data collection process in support of the forensic investigation for the assigned engagement Ensures the forensic project timeline is on track, daily updates are provided from the assigned Tiger Teams, and Analyst SLAs are met (i.e., report is delivered on time, interim and final updates are provided on time when asked) Ensures the Tiger Teams and assigned analysts have the data, context, and clarity they need to conduct accurate and timely analysis Participate in client-facing calls when needed to support Tiger Teams and provide forensic updates as needed to ensure accurate findings are conveyed as they relate to the investigation Communicating both verbally and in writing to answer client and counsel questions related to the forensic investigation Oversee the delivery of the Tiger Teams and forensics pool while providing technical reviews and quality control for updates and reports Support the Tiger Team with delegating and managing the Tiger Team including the Senior Analysts and Analysts on their respective Tiger Team Conducts the performance reviews of all forensic analysts on their respective Tiger Teams Maintain a minimum caseload of at least three cases for which they will lead and deliver forensic analysis updates with the Tiger Team. The caseload will be maintained alongside the Forensic Associate Directors other responsibilities and duties Conducts final review of the report from the perspective of the forensic investigator ensuring all possible investigative questions were addressed in the analysis and requesting additional context or analysis when the report requires more work May perform other duties as assigned by management Role Accountabilities Squad Management Manage cadence and team delivery through routine team meetings Review and assess team performance through the measurement of KPIs Develop consistency between pods through the execution of playbooks and consistent training for new hires Project Leadership Ensure projects stay within scope, schedule, and budget Manage project communications, negotiations, and solutions Address client feedback as directed by Sr. Leadership Performance Management Hold individuals accountable for following the playbooks Inspire individuals to achieve results measured by defined metrics Be open to new ideas and ensure best practices are implemented Process Oversight Ensure adherence to business processes to ensure operational efficiency and help identify infrastructure requirements to meet the business needs Track lessons learned from previous projects and ensure playbooks and training materials are reviewed & updated regularly Team Utilization Manage project assignments and hand off processes Ensure the team follows and upholds standardized process Quality Assurance / Client Satisfaction Ensure client satisfaction among internal and external stakeholders Responsible for creating and updating metrics indicating client satisfaction among internal and external stakeholders Project Execution / Delegation Provide oversight of client satisfaction among internal and external stakeholders Monitor and report metrics indicating client satisfaction among internal and external stakeholders Support the development of strategic partnerships to maintain profitable and long- lasting relationships with key clients Job Requirements Must have 10+ years of incident response or digital forensics experience with a passion for cyber security (consulting experience preferred) Proficient with host-based forensics, network forensics, malware analysis and data breach response Experienced with EnCase, Axiom, X-Ways, FTK, SIFT, ELK, Redline, Volatility, and open-source forensic tools Experience with a common scripting or programming language, including Perl, Python, Bash, or PowerShell Experience managing and mentoring forensic teams, preferably in a security, incident response or professional services consulting firm A deep understanding of working with legal counsel and the ability to thrive in a fast-paced environment, experience working with and communicating with C-level executives, attorneys, and insurance carriers DISCLAIMER The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties and skills required personnel so classified. WORK ENVIRONMENT While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodations may be made to enable people with disabilities to perform the essential functions of this job. TERMS OF EMPLOYMENT Salary and benefits shall be paid consistent with Arete&aposs salary and benefit policy. DECLARATION The Arete Incident Response Human Resources Department retains the sole right and discretion to make changes to this job description. EQUAL EMPLOYMENT OPPORTUNITY Were proud to be an equal opportunity employer- and celebrate our employees differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better. Arete Incident Response is an outstanding (and growing) company with a very dedicated, fun team. We offer competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k) and the opportunity to work with some of the latest and greatest in the fast-growing cyber security industry. When you join Arete Youll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but were about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters. Equal Employment Opportunity Were proud to be an equal opportunity employer- and celebrate our employees differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better. Show more Show less

The STM EndPoint Protection-JL10 role is responsible for ensuring the security of the organization's endpoints through the development and implementation of effective protection strategies. This position requires a strong understanding of cybersecurity principles and the ability to respond to and mitigate potential security threats. Responsibilities Develop and implement endpoint protection strategies to safeguard the organization's data and systems. Monitor and analyze security alerts and incidents to respond to potential threats. Conduct regular assessments and audits to ensure compliance with security policies and protocols. Collaborate with IT teams to enhance endpoint security configurations and policies. Provide training and support to end-users on best practices for endpoint security. Stay updated with the latest security trends, vulnerabilities, and technologies. Document and report on security incidents, including root cause analysis and remediation efforts. Skills and Qualifications In-depth knowledge of endpoint protection technologies and tools. Experience with security frameworks and compliance standards (e.g., ISO 27001, NIST, GDPR). Proficiency in threat detection and incident response methodologies. Strong understanding of operating systems (Windows, Linux, MacOS) and network protocols. Experience with antivirus and anti-malware solutions. Ability to analyze security logs and identify potential threats. Excellent problem-solving and analytical skills. Strong communication and collaboration skills.

Job Description Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion it's a place where you can grow, belong and thrive. Your day at NTT DATA The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to / support on project work as and when required. What you'll be doing Key Responsibilities: Proactively monitors the work queues. Performs operational tasks to resolve all incidents/requests in a timely manner and within the agreed SLA. Updates tickets with resolution tasks performed. Identifies, investigates, analyses issues and errors prior to or when they occur, and logs all such incidents in a timely manner. Captures all required and relevant information for immediate resolution. Provides second level support to all incidents, requests and identifies the root cause of incidents and problems. Communicates with other teams and clients for extending support. Executes changes with clear identification of risks and mitigation plans to be captured into the change record. Follows the shift handover process highlighting any key tickets to be focused on along with a handover of upcoming critical tasks to be carried out in the next shift. Escalates all tickets to seek the right focus from CoE and other teams, if needed continue the escalations to management. Works with automation teams for effort optimization and automating routine tasks. Ability to work across various other resolver group (internal and external) like Service Provider, TAC, etc. Identifies problems and errors before they impact a client's service. Provides Assistance to L1 Security Engineers for better initial triage or troubleshooting. Leads and manages all initial client escalation for operational issues. Contributes to the change management process by logging all change requests with complete details for standard and non-standard including patching and any other changes to Configuration Items. Ensures all changes are carried out with proper change approvals. Plans and executes approved maintenance activities. Audits and analyses incident and request tickets for quality and recommends improvements with updates to knowledge articles. Produces trend analysis reports for identifying tasks for automation, leading to a reduction in tickets and optimization of effort. May also contribute to / support on project work as and when required. May work on implementing and delivering Disaster Recovery functions and tests. Performs any other related task as required. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). Certifications relevant to services supported. Certifications carry additional weightage on the candidate's qualification for the role. CCNA certification in must, CCNP in Security or PCNSE certification is good to have. Required Experience: Moderate level of relevant managed services experience handling Security Infrastructure. Moderate level of knowledge in ticketing tools preferably Service Now. Moderate level of working knowledge of ITIL processes. Moderate level of experience working with vendors and/or 3rd parties. Workplace type: On-site Working

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion it's a place where you can grow, belong and thrive. Your day at NTT DATA The Managed Services Cross Technology Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their IT infrastructure and systems remain operational through proactively identifying, investigating, and resolving technical incidents and problems and restoring service to clients by managing incidents to resolution. The primary objective of this role is to ensure zero missed service level agreement conditions. The Managed Services Cross Technology Engineer (L1) focuses on first-line support for standard and low complexity incidents and service requests. This role focusses across two or more technology domains such as (but not limited to) Cloud, Security, Networking, Applications and / or Collaboration. The Managed Services Cross Technology Engineer (L1) may also contribute to / support on project work as and when required. What you'll be doing Key Responsibilities: Monitors client infrastructure and solutions. Identifies problems and errors prior to or when they occur. Routinely identifies common incidents and opportunities for avoidance as well as general opportunities for incident reduction. Investigates first line incidents assigned and identifies the root cause of incidents and problems. Provides telephonic or chat support to clients when required. Schedules maintenance activity windows for patching and configuration changes. Follows the required handover procedures for shift changes to ensure service continuity. Reports and escalates incidents where necessary. Ensures the efficient and comprehensive resolutions of incidents and requests. Updates existing knowledge articles or create new ones. Identifies opportunities for work optimization including opportunities for automation of work, request fulfilment, incident resolution, and other general process improvement opportunities. May also contribute to / support on project work as and when required. May work on implementing and delivering Disaster Recovery functions and tests. Performs any other related task as required. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience) Certifications relevant to the services provided (certifications carry additional weightage on a candidate's qualification for the role) Relevant certifications include which are considered desirable (but not limited to): CCNA or relevant level 1 Network Security Microsoft Certified, Azure Administrator Associate AWS Certified, Solutions Architect Associate Veeam Certified Engineer VMware certified Professional: Data Centre Virtualization Zerto, pure, vxrail Google Cloud Platform (gcp) Oracle Cloud Infrastructure (oci) Required Experience: Entry-level experience with troubleshooting and providing the support required in security / network/ data center/ systems/ storage administration and monitoring Services within a medium to large ICT organization. Basic knowledge of management agents, redundancy concepts, and products within the supported technical domain (i.e. Security, Network, Data Centre, Telephony, etc.). Basic knowledge of ITIL processes. Workplace type: On-site Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

5+ years of experience with proactive threat detection using EDR, SIEM, and network forensics tools. 5+ years of experience investigating adversary tactics, techniques, and procedures (TTPs) based on frameworks like MITRE Telecommunication & CK. 5+ years of experience investigating indicators across endpoints, networks, cloud, and identity systems to uncover widespread malicious activity. Strong analytical skills for investigating advanced persistent threats (APT) and identifying sophisticated attack patterns. Experience conducting or participating in threat simulations and red team exercises to improve detection capabilities. Work Location given in ECMS ID

Job Summary: We are seeking a highly experienced SOC SME to lead complex incident response, design advanced detective controls, and perform proactive threat hunting across multi-platform environments. This role demands strong technical expertise in security operations and a proactive approach to threat mitigation. Work from Office - Bangalore location [Brookfield] Rotational and Night Shift applicable Mandatory Skill Set: 8+ years in Security Operations/Incident Response Hands-on with SIEM, SOAR, XDR platforms (e.g., Cortex XSIAM, Torq) Expertise in threat hunting and event analysis Knowledge of cyber frameworks: MITRE ATT&CK, NIST, Kill Chain Experience with EDR tools , network forensics , and log analysis Strong understanding of incident lifecycle and post-incident reporting Excellent analytical and communication skills Bachelor's degree in Computer Science or related field Key Responsibilities: Lead incident response (IR) and analyze complex security events Design and improve detective controls and alert use cases Conduct proactive threat hunting and trend analysis Stay updated on cyber threat landscape and threat actor TTPs Contribute to security innovation , tool enhancement, and process maturity Deliver detailed incident reports and post-mortem reviews Preferred Skills: Scripting: Python, PowerShell Cloud Security: AWS, Azure, GCP Certifications: CISSP, GIAC, CEH Strong grasp of defense-in-depth and layered security strategies