Cyber, Cyber Investigations
Bachelor (EQF 6)
Group-IB, a Singapore-based company that specializes in investigating and preventing cyberattacks, is recruiting a Cyber Investigation Specialist. Since our Amsterdam HQ is growing, we're looking for a true cyber-fighter to support our mission in the region.
Group-IB’s High-Tech Crime Investigation Department is a special unit with unique mission – observe and uncover cybercriminals. It is a team of specialists who focused on tracking adversaries, conducting in-depth investigations and tailored threat intelligence for enterprises all across the world. For 18 years we have done more than 1300 investigations, operations and researches and assisted in hundreds criminal’s detentions.
Each of us can help make the world a safer place.
About the role:
As a Cyber Investigation Specialist you will be involved in international investigation projects across Europe and beyond handling cyber incidents and high-tech crimes targeting European region.
Conducting investigations and doing threat actor-centric cyber threat intelligence will be the main focus of your work: from investigating financial fraud schemes and scams up to bank’s network intrusions, ransomware operations and malware campaigns. Using your expertise, you will be dived into sophisticated incidents armed with all our latest technologies. Apart from the main tasks you will be participating in unit’s development process, research activity and intern/junior’s mentoring.
Tasks to solve:
- Processing data about cyber incidents and assisting customers in response and data collection.
- Consulting of clients in questions related to cyber investigations, as well as cyber security, forensics and incident response.
- Conducting preliminary assessment of the incident, analyzing entry points for the investigation.
- Analyzing network infrastructure, digital assets and indicators pertained to threat actors.
- Tracking down threat actors across the Clear, Deep, and Dark Web using passive and active intelligence collection techniques.
- Forensics analysis of file system images, technical logs (web servers logs, email server logs, network logs etc.), email headers, etc.
- Producing well-structured investigation resulting reports in English.
- Monitoring of active threat actors operating in the European region, hunt for new and investigate their activities.
- Contributing to development of new ways of collecting and analyzing intelligence data.
- Assisting with creating educational materials and programs in cyber investigations and digital forensics.
- Taking part in writing articles, blogs and researches on cyber investigations and digital forensics.
Apply for the role if you have the following qualifications:
- Bachelor’s or/and Master’s degree in Information Security, Digital Forensics, Computer Science or equivalent experience.
- At least 3 years' experience in Cyber Security.
- Experience with investigating fraud cases, internal or external threats or cyber security incidents in a technology services organization or similar environment.
- Proficiency in working with web technologies: hosting, servers, databases, mail servers, etc. Ability to operate and maintain any of those.
- Digital forensics concepts: host analysis, network forensics, grasp of how modern OS (Windows, *nix) and FS (NTFS, FAT, ext4) work.
- SQL knowledge, ability to extract and analyze data from DB dumps.
- Familiarity with cyber threat intelligence collection methods, tools and techniques.
- Good Linux administration skills, free use bash, regexp, familiar with related file systems structure, basic Linux forensics skills.
- Strong data analysis and correlation skills with comfort to work through complex and unfamiliar data sets.
- Experience identifying issues and gathering facts during the interview, research, and analysis phases.
- Responsibility, ability to learn quickly, literacy, and accuracy are part of your personal qualities.
- Perfect oral and written communication and presentation skills, ability to collaborate in a team-based environment.
What else we appreciate:
- Experience working in field of Digital Investigations, Threat Intelligence or eDiscovery.
- Programming skills, ability to understand code general functionality, at least, with one of following (php/python/js).
- Information Security certifications (GIAC, CompTIA, EC-Council, ICS2, etc.).
- Familiar with cyber threats, modern fraud schemes and cyber-attacks methods.
- Experience in investigation report writing and presentation in English language.
- Understanding of web application security essentials, experience with Burp/sqlmap/wpscan or similar.
Why choose Group-IB:
- Your happiness is important to us. We want every single team member to be happy.
- Continuing professional development. At Group-IB, you can choose from various paths to growth: progress as an expert, advance to a management position, try your hand in another department, relocate abroad, or launch a new business area at Group-IB.
- A team with extensive international expertise. Do you have experience but are looking for exciting challenges? By choosing us, you will be choosing complex tasks and continuously improving your skills in a fast-growing international company.
- Globally recognized technologies. Group-IB's offices are located in seven countries and our products and services are sold in 60 countries. What’s more, Gartner, IDC, and Forrester have ranked our technologies among the best in their class. We work with over 450 international partners and about 500 clients.
- A culture created by each of us. Group-IB’s employees speak many different languages and understand one another. We respect each other's beliefs, share common values, and strive toward the happiness of every employee.
What else you should know:
- Flexible schedule. Group-IB does not have fixed working hours. You choose your own schedule. We adhere to the principle advocated by Steve Jobs: “We have to work not 12 hours, and head.”
- Comfortable offices in all countries of operation. We bring our creative ideas to life and design our offices so that they are a convenient space. In summer, we sometimes work outside on verandas and invite clients and partners to celebrate special occasions there.
- Certificates and training courses. Group-IB specialists hold over 1,000 professional certificates, including CEH, CISSP, OSCP, GIAC, MCFE, BSI, as well as some rare ones that would be a source of pride for experts in forensics, penetration testing, and reverse engineering worldwide. We have an incentive program that helps employees achieve certifications at the company's expense.
- Challenges. A wide selection of GIB programs help you improve soft skills, gain new competencies, and receive monetary rewards.
- Initiative is rewarded. At Group-IB, you can bring your most daring ideas to life. The company encourages technical blogging, writing articles, building sports teams, and other creative activities.
Sound like you? Apply now via email@example.com