Overall scope of work:

We are seeking a motivated and detail-oriented Incident Response and Threat Intelligence Technical Manager to join our dynamic team. This position is intended for individuals passionate about cybersecurity and eager to develop their skills in a supportive and collaborative environment. The successful candidate will become part of our Managed Security Services team and is responsible on investigating security incidents, analyzing digital evidence by performing disk forensics, performing threat intelligence by utilizing OSINT and dark web monitoring. This role also involves proactive threat hunting for undetected threats within an organization.

Responsibilities:

Digital Forensics & Incident Response (DFIR):

Lead forensic investigations on compromised endpoints, servers, and cloud environments. Collect and analyze digital evidence from logs, disk images, memory dumps, and network traffic. Perform malware reverse engineering and root cause analysis to determine attack origins. Develop incident response playbooks, forensic reports, and lesson learned documentation.

Threat Intelligence and Threat Hunting:

Conduct in-depth research on cyber threat actors, campaigns, and TTPs. Leverage open-source intelligence (OSINT), dark web monitoring, and cyber threat feeds to identify emerging threats. Correlate threat intelligence data with security alerts to improve detection capabilities. Provide strategic recommendations to security teams on threat mitigation. Perform proactive threat hunting across endpoints, network, and cloud environments. Identify and analyze anomalous behavior, lateral movement, and potential APT activities.