DFIR Professional

DFIR - J48417

Mandatory Skills: Cyber forensics, Memory analysis, Memory Forensics, Incident response, Digital Forensics, Strong communication skill (verbal and written), Working knowledge of Forensics tools including (but not limited to) FTK, Encase, Autopsy, Magnet Axiom, volatility, wireshark, Threat intelligence feeds, Cyber threat landscape and APT groups, SIEM (any), EDR (any), MITRE framework, Cyber kill chain framework.

Qualifications:

• 2+yrs of working experience in the computer forensics, cybercrime investigations, and other related technical fields with a combination of both public and private sector experience preferred.
• Identify, contain, mitigate, recover, and report on cyber-security incidents affecting the enterprise and business.
• The ability to constantly develop new and grow existing skills relating to Digital Forensics, as well as computing and professional topics.
• Knowledge of computer forensic best practices and industry standard methodologies for investigating host-based and network analysis
• The knowledge, skills, and ability to preserve digital evidence from a variety of platforms in a forensically sound manner.
• Knowledge of and a proven ability to follow globally established standards in digital evidence acquisition and handling.
• Demonstrate an understanding of digital forensic tools and techniques used to support internal fraud and employee investigations.
• Serve as an initial point of escalation for suspected incidents and intrusions.
• Demonstrated capability with endpoint detection and live response tools.
• Knowledge of digital forensics on Microsoft Windows, Mac, and Linux based systems.
• Proficiency with DFIR related open-source tools, memory, and full disk analysis
• The ability to work independently or with a team during large scale forensic investigations
• Demonstrate an understanding of incident response forensics and root cause analysis.
• Experience preparing in-depth investigation reports into forensic investigations, breach reports, privacy incidents and data exposure type cases.
• The ability to constantly develop new and grow existing skills relating to Digital Forensics, as well as computing and professional topics.
• Strong attention to detail in conducting forensic analysis combined with an ability to accurately record full documentation in support of the investigation.
• Certifications: Desirable certifications include, (but not limited to) CHFI, CIH, CSA, CEH, GSEC, GCIH, GCIA, GCFE, GREM, GCFA.
• BE-Comp/IT,BE-Other