Incident Responder DFIR Specialist
Job Description
Incident Responder – DFIR Specialist
About the Role
We are seeking a passionate Incident Responder to join our dynamic cybersecurity team. In this role, you will be at the forefront of defending our organization against cyber threats. You will proactively investigate and respond to security incidents, perform deep-dive forensic analysis, and develop actionable remediation plans. Your expertise will help shape our threat detection and response capabilities, ensuring the resilience of our digital infrastructure.
Key Responsibilities
Investigate and analyze security incidents to determine the scope, impact, and root cause
Perform threat hunting across internal and external data sources to identify malicious activity
Conduct digital forensics on systems, including memory and host-based analysis
Develop and implement incident response playbooks and remediation strategies
Collaborate with cross-functional teams to contain and remediate threats
Design and recommend defensive measures to prevent future attacks
Stay current with evolving attacker TTPs (Tactics, Techniques, and Procedures)
Participate in an Incident Response on-call rotation approximately once every 4 weeks
Why Join Us?
Work with a passionate and skilled cybersecurity team
Tackle real-world threats and make a tangible impact
Opportunities for continuous learning and professional development
Ready to defend, detect, and respond? Apply now and help us stay one step ahead of cyber threats.
Professional Experience
Required Qualifications
3+ years of hands-on experience in Incident Response, Threat Hunting, Digital Forensics, and Security Monitoring
Strong understanding of networking concepts and advanced network traffic analysis
Proven ability to lead and coordinate incident response efforts across teams
Deep knowledge of system forensics, including memory and host analysis
Excellent communication skills with the ability to convey complex technical issues clearly
Experience working in large-scale enterprise environments with complex security challenges
Preferred Qualifications
Experience with cloud security practices in AWS and Azure environments; AWS Security Specialty and/or Azure Security Engineer Associate certification is a plus
Familiarity with offensive security techniques and penetration testing methodologies
Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation and tooling