DFIR and Threat Intelligence Analyst
84 Recruitment
- Auckland
- $130,000-140,000 per year
- Permanent
- Full-time
Our client is a large government agency that is currently undergoing a complex digital transformation. By joining their mission, you will help safe guarding Northern Region's data and information systems for the organisation.About the role
As a DFIR and Threat Intelligence Analyst, where you'll play a crucial role in safeguarding our nation's critical assets and infrastructure against cyber threats. As part of our dedicated DFIR and Threat Intelligence team, you will be at the forefront of digital forensics, incident response, and threat intelligence analysis.Your day-to-day activities will involve conducting digital forensics investigations, analyzing threat intelligence data, and collaborating with cross-functional teams to enhance the cyber defense capabilities. You'll have access to cutting-edge tools and technologies, allowing you to stay ahead of emerging threats and vulnerabilities.Responsibilities
- Conduct and manage digital forensics investigations including collection, preservation, examination, analysis, and reporting.
- Ensure that all digital forensics and investigations-related activities comply with industry best practices, legal and regulatory requirements, and internal policies and standards.
- Support the response to cyber security incidents, providing technical expertise and support for digital forensics and investigations activities.
- Collaborate with the SOC, IR and CTI teams to form a virtual Digital Forensics and Incident Response (DFIR) team.
- Collaborate with other teams such as security and cyber risk, to ensure that digital forensics and investigations processes are aligned with broader cyber security goals.
- Investigate different forms of electronically stored information (ESI) to support legal, compliance and privacy teams pertinent to e-discovery efforts.
- Support the development and implementation of a cybersecurity threat analysis structure of common attack techniques to evaluate an attacker's spread through systems, platforms, or a network by collecting Indicators of Compromise (IOCs) from malicious activity to strengthen incident response and threat detection efforts.
Do you dream big? They do too, and they are excited to grow together. In this role, you will bring:
- 3+ years of experience in digital forensics and investigations with a focus on supporting SOC and incident response teams via a strong working knowledge of digital forensics tools and technologies.
- Preferred advanced degree in Computer Science, Cybersecurity, Computer Engineering or a related field however consideration will be given to experience in lieu of the advanced degree.
- Forensic-focused certifications such as A GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Network Forensic Analyst (GNFA), and GIAC Advanced Smartphone Forensics (GASF) are desired.
- Experience investigating large-scale and complex incidents such as APTs, Insider Threat, Economic Espionage, 3rd PartySupply Chain, Ransomware, Vulnerability Exploitation, and Data Exfiltration.
- Proficiency in common programming languages and operating systems (Windows, MAC, and Linux).
- Experience with forensic analysis techniques, including traditional disk image analysis, volatile memory analysis (RAM), and malware analysis such as binary identification, profiling, and strings.
- Familiarity with industry-standard forensic software.
- Experienced with opensource forensic tools.
- Knowledge of cybercrime trends and threat actors.
- Knowledge of relevant legal and regulatory frameworks and supporting e-discovery efforts.
- Strong analytical and problem-solving skills, with the ability to identify and resolve complex technical issues.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders.