Forensics and Malware Investigator

Iceberg Cyber Security
London (Greater)
£40,000 - £49,999, £50,000 - £59,999, £60,000 - £69,999
07 Nov 2017
18 Nov 2017
Contract Type
Full Time

My client has an exciting permanent opportunity for a passionate Forensics and Malware Investigator to join their growing team in London. They are a FTSE 100 company and are investing huge sums into increasing their Cyber Security function by 50 people per year! This is an ideal role for candidates with technical experience in host, network and memory forensics, incident response and malware/threat analysis.

The ideal candidate will be the go-to person for ongoing forensic incident response as part of the Technology security team. Where potential threats are identified, you will contribute to, and in some cases lead, the response and investigation required to obtain all of the facts. A typical day will involve working closely with security teams, deep-dive forensics and malware investigations, responding to incident tickets and alerts, aiding investigations, and continually improving my client's response, detection and prevention processes. A key aspect will be contributing to the development of forensic investigation tooling and capability.

Required experience:

  • Technical experience in host, network and memory forensics
  • A passion and experience in malware and threat analysis
  • Experience of evidence & artefact acquisition, both via physical and remote methods
  • Understanding of file system fundamentals, e.g. NTFS, FAT, ext2, ext4 etc.
  • Experience with Forensic toolsets such as Encase, X-Ways, IEF, Autopsy, or equivalents
  • Understanding of Anti-Forensic Techniques
  • Proficient in timeline analysis
  • Technical understanding of memory management including concepts
  • Experience with memory analysis frameworks such as Volatility or Rekall
  • Technical understanding of modern attacker tools and techniques
  • Proficient understanding of network protocols including the seven layer and TCP/IP network models
  • Proficient in IDS analysis, including creation of network signatures
  • One of the following certifications will be an advantage BUT is NOT essential:
      • GIAC Certified Forensic Analyst (GCFA)
      • GIAC Certified Forensic Examiner (GCFE)
      • CREST Registered Intrusion Analyst (CR IA)
      • CREST Certified Host Intrusion Analyst (CC HIA)
      • CREST Certified Network Intrusion Analyst (CC NIA)

This is an excellent opportunity to join a FTSE 100 company who pay very competitive salaries and benefits, offer development/training programmes and truly believe in progression from within.

Please apply today for an immediate response.