Drag

Splunk

Location : ,

Job Description

Digital Forensics SOC Analyst

Minimum Qualifications:

  • Hands-on experience with security monitoring and SIEMs tools - Splunk Enterprise Security is preferred
  • Demonstrated working knowledge of cyber forensics and incident handling best practice processes, procedures, standards, and techniques
  • Hands-on experience with forensics image capture tools i.e., FTK Imager, MAGNET ACQUIRE
  • Hands-on experience with system image/file system/registry forensics tools i.e., Encase, FTK, X-Ways, Magnet AXIOM, Sleuthkit, Access Data Registry Viewer, Registry Recon, or other)
  • Hands-on experience with PCAP analysis tools i.e., Wireshark, TCP Dump, Network Miner, Xplico, or other
  • Hands-on experience with memory forensics tools i.e., BlackLight, Volatility, SANS SIFT, Magnet RAM Capture, or FireEye Memoryze, CrowdStrike Crowd Response
  • Hands-on experience with Endpoint Detection & Response solutions - Tanium Threat Response, McAfee or other

Desired Skills/Certifications:

  • Practical hands-on experience with static in malware analysis
  • Hands-on experience with malware anti-forensics, obfuscation, packing techniques
  • Hands-on experience with malware Analysis - Miscellaneous dynamic & static analysis tools (IDA Pro, Ghidra, OllyDBG, WinHex, HexEdit, HexDump, PeSTudio, REMux, OLEDUMP)
  • Hands-on experience with Custom Signature Creation - YARA
  • Scripting/Programming experience - Python, Perl, C, C++, Go
  • Highly desired industry certifications include Certified Forensics Computer Examiner (CFCE), Computer Hacking Forensic Investigator (CHFI), GIAC Certified Forensic Examiner (GCFE), Certified Computer Examiner (CCE)
  • Relevant industry certifications such as Certified Ethical Hacker (CEH), GIAC Reverse Engineering Malware (GREM), Certified Reverse Engineering Analyst (CREA) etc.