
Digital Forensics Incident Response Analyst

CyberClan
Full-time
Remote
Digital Forensics & Incident Response

This is a remote position.

CyberClan is a boutique cybersecurity company with operations in the US, the UK, and Canada. The company provides 24/7/365 incident response services across North America and the United Kingdom, including proactive cybersecurity services, red team & blue team exercises, threat intelligence platforms, dark web investigation, cyber extortion, ransomware negotiation, information technology restoration, and next-generation managed cybersecurity services. Our team has worked with federal, provincial, and government agencies. We are seeking an energetic and innovative DFIR analyst to join our team!

The Digital Forensic Incident Response Analyst is a highly motivated self-starter with a passion for problem solving through challenging and high-stakes situations. This exciting role presents the opportunity to dive deep into host systems and track down attacker activity and indicators of compromise.


This job is ideal for an individual who is dependable, detail-oriented, and able to work independently under pressure. The ideal person must enjoy taking on challenges, interacting with clients, and working on multiple cases.

Essential Functions Include:
  • Analyzing event and system logs, performing digital forensic and malware analysis/triage, and analysis on related incident response data
  • Creating timelines and relationships between fractional data through deductive reasoning
  • Liaising with client operations and technical teams to implement remediation plans post incident
  • Offering consulting and providing regular updates for project managers and client POCs
  • Developing and generating comprehensive reports for both technical and executive level audiences



Requirements

The Ideal Candidate Has:

  • 1-2 years’ experience in a technical or IT operations environment
  • Ability to comprehend incident response processes and best practices
  • Familiarity with intrusion detection systems such as Snort, tcpdump, and Wireshark
  • Understanding of various attack vectors, threat tactics, and attacker techniques
  • Knowledge of network architecture and security infrastructure
  • Experience with Windows operating systems and command line tools
  • Understanding of ports, sessions, DNS, and HTTP

Nice to Have:
  • Bachelor’s degree in Computer Science or related field
  • Experience working on a mission-critical security operations team
  • Excellent written and communication skills
  • A strong desire to be challenged and an openness to learn continuously
  • Knowledge of webshells, DNS servers, vs HTTP proxy
  • OSINT skills
 
 

Job Type

Full-time/Exempt

 

Location

100% Remote


% of Travel Required

0-5%

 

Physical Requirements

Prolonged periods of sitting at a desk and working on a computer.



Benefits

We offer health benefits for all full-time employees, PTO, paid holidays, STD, LTD, Life Insurance, Supplemental Benefits, Legal Assistance, and more.