Connecting linkedin

W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9oyw1sew4td2lsbglhbxmvanbnl2jhbm5lci1kzwzhdwx0lwpvyi5qcgcixv0

Job

Incident Response and Digital Forensics Expert

  • Location

    Delft

  • Sector:

    Technology

  • Job type:

    Permanent

  • Salary:

    70.000 - 100.000 €

  • Contact:

    Jonathan Alcalay

  • Contact email:

    j.alcalay@hamlynwilliams.com

  • Salary high:

    0

  • Salary low:

    0

  • Job ref:

    REF-151121.1

  • Published:

    19 days ago

  • Duration:

    Permanent

  • Expiry date:

    2022-03-15

  • Startdate:

    ASAP

Incident Response & Digital Forensics Expert

 

The opportunity 

We are looking to expand its CIRT team and at the same time solidify our footprint as one of the leading global cyber security specialists with a strong local presence. As the demand for incident response and forensic services is growing rapidly, we are looking to open regional CIRT hubs in the Nordics and Germany being the extended team of our CIRT team in The Netherlands. 

 

What are we looking for

  • Are you a rock for customers who have been hit by a serious cyber-attack? 
  • Do you have a deep technical understanding and are you not hesitating to use the command line? 
  • Can you explain to a n00b how an exploit works? 
  • Are you passionate about cyber security and do you want to make a difference?  
  • Would you like to work with one of the leading cyber security companies in Europe?

 

What will you be doing

The phone rings: a customer has been pointed out by an anonymous tip that their entire customer base is accessible from the internet. After a quick check on who else is available, you will be in a (virtual) “war room” with the customer an hour later. During the first hour you talk to managers, system administrators and IT suppliers to find out where the leak could be and where relevant research data can be found.

Together with a team of specialists you take charge: who is going to secure which data, in what form do you want it and what needs to be prepared in our Forensics Lab? In between the companies you reassure the customer: everything will be fine, as long as they listen to you carefully. After a thorough analysis of various log files, it soon becomes apparent where the leak is. You advise on a number of mitigating measures and you go to bed deep into the night with a satisfied feeling. The report will be delivered tomorrow, when you are a bit rested. 

 

Do you recognize yourself?

Well, you are a good fit for us if you are an experienced and social tech person with deep knowledge of operating systems and network protocols. You don't just have that knowledge (only) from a book but gained through hours of tweaking and trying everything for that final 'yes' moment. We don't really care about your education, as long as you can operate at a higher vocational / university level and have a great affinity with cybersecurity and fact-finding. You also know how to handle confidential information; it is not up to you to disclose events regarding the incidents happening at our customers.

 

“I just ran a PCAP through WireShark when my SIEM came up with search results. Further research brought me to a memory image from which I dumped an executable with Volatility. Based on the E01 of the hard disk of that system, I searched for a corresponding prefetch file. When I found it, I knew this is patient zero.”  


Do you get butterflies in your stomach while reading this sentence? Then we are looking for you! 

 

What do we offer 

We offer you a fantastic opportunity to make a difference in one of the World’s largest cyber security companies. You will be joining an international team where your ideas are heard and acted upon, where decisions are taken quickly but not hastily. It’s also a place where you can expand your unquenchable thirst for knowledge and contribute to our mission for a More Secure Society. Apart form this, you will also get:

  • Flexible working hours, so that you can start your workday a bit later or do your work from home.
  • An attractive fixed monthly salary
  • A very challenging environment where there are opportunities to do and learn a lot within a short time: enough challenge to keep you busy for years;
  • A place in the CIRT team that helps major customers at home and abroad with solving and investigating (major) digital thefts; 
  • Many development opportunities: you can gain and share knowledge through TechTalks, Crypto Colloquia, events and our Training Academy.
  • A performance bonus
  • A fixed pension scheme
  • A paid private internet connection
  • A company laptop and mobile phone 

 

#LI-JA1