Principal Digital Forensics & Threat Engineer

Ingram Micro GBS EOOD


Upgrade your talent by:

  • Developing new and novel defense techniques to identify and stop advanced adversary tactics and techniques
  • Performing forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks, and extracting IOCs (Indicators of Compromise) and TTPs (Tactics, Techniques, and Procedures)
  • Investigating incidents leveraging forensics tools including EnCase, FTK, X-Ways, Axiom, SIFT, and Splunk to determine the source of compromises and the malicious activity that occurred
  • Collecting, analyzing, assessing, and disseminating information about cyber threats and potential attacks
  • Conducting human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools
  • Working closely with other members of the Information Security team to lead changes in the company's defense posture

You’ll be a great fit if you have:

  • Work Experience: 10+ years; 5+ directly related to role
  • 3+ years of strong hands-on experience in digital forensics examinations and/or investigations using the EnCase tool.
  • 3+ years of experience in law enforcement (deputized) investigations (fraud, counterintelligence, high-tech crimes, etc.).
  • Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security
  • Strong understanding of vulnerabilities and common attack vectors, and an attacker mindset: the ability to think about creative threats and attack vectors.
  • Strong communication skills - English C1
  • Experienced with EnCase, FTK, X-Ways, Axiom, SIFT, Splunk, Elastic Stack, Redline, Volatility, Wireshark, tcpdump, and open-source forensic tools.
  • Proficiency with at least one interpreted programming language (Python, Ruby, etc.)
  • Relevant security certifications (EnCE, OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA).

Required skills

Cross-functional Team Leadership
Ruby on Rails
Law Enforcement


Additional medical insurance
Company training
Fruit and snacks in the office
Home office
Sports card
Team buildings
The job posting was published 45 days ago