About The Position
The ideal candidate will have a strong background in digital forensics and incident response, with a keen eye for detail and a proactive approach to threat detection and mitigation.
Part-time position, hourly rate
We Offer:
- People-oriented management without bureaucracy
- A friendly working climate, confirmed by how often former employees return to the company
- Full financial and legal support for private entrepreneurs
- Free English classes with native speakers or with Ukrainian teachers (your choice)
- Dedicated HR
Responsibilities:
- Perform full-disk forensic analysis on Windows, Linux, and macOS systems to support investigations of security incidents and breaches.
- Use forensic tools and techniques to collect and examine evidence from various types of digital media.
- Analyze a wide range of log data, including journald/syslog, Microsoft 365 audit logs, and Windows event logs, to identify and understand the nature of potential security incidents.
- Operate Endpoint Detection and Response (EDR) platforms such as CrowdStrike, SentinelOne, or Microsoft Defender for Endpoint for detection, triage, and containment.
- Manage SIEM tools, including maintaining detection rules and investigating the alerts they produce.
- Develop and maintain scripts to automate routine DFIR (Digital Forensics and Incident Response) tasks and processes.
- Perform forensic investigations and manage security incidents within cloud environments, drawing on experience with cloud platforms.
Requirements
- Extensive experience in conducting full-disk forensics for Windows, Linux, and macOS environments, covering both workstations and servers.
- Ability to perform comprehensive incident response and forensic investigations, including data collection, examination, and analysis.
- Proficiency in analyzing various types of logs, such as journald/syslog, Microsoft 365 audit logs, and Windows event logs, to detect anomalies and suspicious activity.
- Some experience with Security Information and Event Management (SIEM) systems such as Microsoft Sentinel, Splunk, or Elastic/ELK.
- Ability to script in at least one language (e.g. Python, PowerShell, Go).
- Proven capability in threat hunting with EDR platforms such as CrowdStrike, SentinelOne, or Microsoft Defender for Endpoint, identifying and mitigating advanced threats within network environments.
- Some experience with cloud platforms like AWS, Azure, or Google Cloud Platform (GCP)
- Upper-intermediate English level
Our next steps:
✅ Submit a CV in English — ✅ Intro call with a Recruiter — ✅ Client interview — ✅ Test task — ✅ Offer