Job Purpose
The role holder will be responsible for conducting in-depth digital forensic analysis in response to cyber security incidents, gathering indicators of compromise (IOCs) and reporting the findings according to the relevant laws, regulations and best practices.
Key Duties and Responsibilities
Strategic Responsibilities
Assist in the overall administration and running of the digital forensics and incident response section.
Responsible to the Digital Forensics Manager for efficient incident response, analysis, recovery and reporting.
Technical and Operational Responsibilities
Act as team leader during incident response.
Utilize appropriate computer forensic hardware and software to collect, extract, preserve and analyze digital evidence according to standard operating procedures.
Conduct on-site forensic analysis/triage previews of Windows, Linux, Mac and virtualized systems.
Apply various tools to perform static and dynamic malware analysis to understand behavior, functionality and impact.
Conduct memory forensics to discover malware indicators of compromise.
Compile forensic reports on findings from digital evidence analysis and provide recommendations for threat mitigation.
Continuously improve processes and procedures for incident response management and analysis as guided by relevant laws, regulations and best practices.
Ensure maintenance of digital forensics tools and equipment for operational effectiveness.
Implement incident management policies and the Standard Operating Procedure manual on incident management.
Ensure reverse compatibility and interoperability of archive media due to disparity in hardware and software versions, media lifespan and file formats.
Maintain laboratory records of requests for response assistance, devices received, analyzed and dispatched, and visitors to the laboratory.
Maintain a record/log of performance verification and validation testing for laboratory tools, equipment, techniques and procedures.
Stay updated on current trends and advancements in Digital Forensics and Malware research.
Other Responsibilities
Perform any other duties and responsibilities as may be assigned.
Qualifications
A Bachelor's Degree in Computer Science, Information Technology, Digital Forensics and/or any other related qualification.
Practical hands-on experience in a broad range of incident response, threat hunting and digital forensic examinations.
Professional cyber security certifications: Certified Ethical Hacker (CEH), SANS FOR508 or FOR610, Computer Hacking Forensic Investigator (CHFI) or any other equivalent certification.
Work Experience
Five (5) years' experience, with at least three (3) years in active incident response and digital forensics practice.
Experience in working with high-level programming languages.
Understanding of debuggers and disassemblers.
Understanding of memory forensics.
Understanding of cryptography.
Understanding of virtual machine forensics.
Knowledge of anti-forensic techniques and procedures.