Cyber Investigation Analyst

Cyber investigation analyst - Group-IB

Group-IB, a Singapore-based company that specializes in investigating and preventing cyberattacks, is recruiting a junior analyst in cyber investigations department. Since our Amsterdam HQ is growing, we need anew cyber-fighter to support our mission in the region.

Group-IB is one of the global leaders in threat intelligence, investigations, anti-fraud, network security and incident response. We are the new generation of engineers having more than 550 specialists already with us. 

Group-IB’s cyber investigations department is a special unit with unique mission – observe and uncover cybercriminals. But behind - it is a team of specialists who focused on tracking adversaries, conducting in-depth investigations and tailored threat intelligence for enterprises all across the world. For 18 years we have been done more than 1300 investigations, operations and researches and assisted in hundreds criminal’s detentions.

About the role

As a cyber investigation specialist you will be involved in international investigation projects across Europe and beyond handling cyber incidents and high-tech crimes targeting European region.

Conducting investigations and doing threat actor-centric cyber threat intelligence will be the main focus of your work: from investigating financial fraud schemes and scams up to bank’s network intrusions, ransomware operations and malware campaigns. As a junior-level specialist you will be introduced into the cyber investigation process and involved into projects as a team member being mentored by experienced colleagues. Apart from main tasks you will be participating in education programs, researches and internal events.

Tasks to solve:

• Processing data about cyber incidents and assisting customers in response and data collection.
• Examining initial data, extracting indicators, observing entry points for the further investigation.
• Analysing network infrastructure, digital assets and indicators pertained to threat actors.
• Tracking down threat actors across the Clear, Deep, and Dark Web using passive and active intelligence collection techniques.
• Conducting forensic analysis on email headers, technical logs (web servers logs, email server logs, network logs, etc.), severs images and other incident data.
• Comprising all the findings into comprehensive and well-structured report in English.

Apply for this vacancy if you:

• Have a Bachelor’s and/or Master’s degree in Information Security, Digital Forensics or Computer Science (acquired or in progress)
• Have a good technical understanding of network protocols: TCP/IP stack, Internet routing, HTTP, and DNS
• Have a grasp of how network infrastructure operates, understand relationships between ISPs, domain names, IP addresses, hosting providers.
• Know what is CMS, web-server, SMTP, SSH key, SSL certificate, WHOIS 
• Have an applied experience in cyber security, threat intelligence, digital forensics and/or OSINT investigations, performed own researches, analytical studies or projects
• Have basic digital forensics skills: ability to analyse different types of logs, file system dumps, email headers.
• Familiar with virtualisation technologies, able to set up and use a virtual machine
• Have a general Linux administration skills, familiar with bash and regular expressions.
• Responsibility, ability to learn quickly, literacy, and accuracy are part of your personal qualities
• Have an ability to be adaptable and flexible in responding to deadlines and workflow fluctuations
• Have perfect oral and written communication skills, ability to collaborate in a team-based environment

Will be your competititve advantage:

• Internships (or permanent working experience) at SOC, Threat Intelligence or DFIR.
• Knowledge of python, php or other programming languages
• Experience in investigation/threat intelligence report writing and presentation in English language
• Grasp of web application security essentials

Why us:

• Be on the edge of the fight against cybercrime. We have eyes on RedCurl, Lazarus, APT41, and 300+ other active threat actors in the world. Be the first: uncover and investigate never-before-seen incidents and threat actors.
• Be challenged. Dissect the most sophisticated incidents, dive deeper into threat actor activity, and be involved in intriguing investigations.
• You would have a unique opportunity to create a global impact - we are moving in the cybersecurity industry forward and establishing modern trends in fighting cybercrime. We offer priceless mentorship from Group-IB employees to guide you through your entire internship and help you to enhance your skills in this field. You would have an opportunity to build personal relationships with people who are passionate about cybersecurity.
• Your happiness is important to us. We want every single team member to be happy.
• Continuing professional development. At Group-IB, you can choose from various paths to growth: progress as an expert, advance to a management position, try your hand in another department, relocate abroad, or launch a new business area at Group-IB.
• A team with extensive international expertise. Do you have experience but are looking for exciting challenges? By choosing us, you will be choosing complex tasks and continuously improving your skills in a fast-growing international company.
• Globally recognized technologies. Group-IB's offices are located in seven countries and our products and services are sold in 60 countries. What’s more, Gartner, IDC, and Forrester have ranked our technologies among the best in their class. We work with over 450 international partners and about 500 clients.
• A culture created by each of us. Group-IB’s employees speak many different languages and understand one another. We respect each other's beliefs, share common values, and strive toward the happiness of every employee.
• Economic stability. Group-IB's sustainable growth helps rapidly develop careers that would take years to progress as far as most other companies.