Digital Forensics & Incident Response (DFIR) Analyst

Our story: Blackpanda Group is Asia's leading local cyber incident response firm, dedicated to delivering world-class digital emergency response services to businesses in the region.We help businesses strengthen their cyber resilience and secure their digital operations by supporting them with incident response delivered by local experts and cyber insurance underwritten by our Lloyd’s of London coverholder Pandamatics Underwriting.Our mission is to make cyber resilience achievable for all, with services and solutions designed for the Asian market.
Our Mission: To democratize cyber resilience.
Our Vision: A world where organizations of all sizes have access to best-in-class cyber incident response and insurance solutions, so they can conduct business securely and sustainably.

Responsibilities and Duties:

• Assist senior responders in managing and mitigating cyber incidents.
• Must operate the emergency hotline for clients, with potential work outside normal hours, compensated with equivalent time off.
• Take lead on deploying and troubleshooting Endpoint Detection and Response (EDR) on customer environments during incident response.
• Participate in the identification, containment, eradication, and recovery phases of incident response.
• Document incident response activities and findings accurately and promptly.
• Collect, preserve and analyze digital forensic evidence from various types of devices, including computers, mobile devices, and network equipment.
• Assist in proactive threat hunting activities to identify potential security incidents.
• Assist in enhancing existing and creating new Standard Operating Procedures (SOPs) for incident response processes.
• Assist in the deployment, configuration, evaluation and maintenance of Digital Forensics tools and infrastructure.

Requirements:

• Familiar with operating systems, networks, application and cybersecurity concepts.
• Keen attention to detail in analyzing and mitigating cybersecurity threats, ensuring thorough examination and precise implementation of security measures.
• Knowledge of Windows and Linux operating systems, including system configuration, network configuration, logs reviewing, process and memory analysis. 
• Proficiency in scripting languages like Python and Bash for accomplishing straightforward tasks.
• Experience in investigating security breaches using various security products, including Antivirus, EDR, SIEM, Firewalls, etc
• Good documentation skills for recording findings and writing reports.
• Possesses strong problem-solving and analytical skills, with a proactive approach to finding answers and a continuous drive to learn and improve; seeks help when unsure about a problem or situation.
• Capable of prioritizing tasks to meet deadlines effectively while maintaining composure and efficiency in high-pressure situations, such as incident response and managing distressed clients.
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• 3+ years of Cybersecurity working experience.
• Native Cantonese speaker with fluent English communication skills.
• Relevant certifications (e.g. CompTIA Security+, GIAC Certified Forensic Examiner, GIAC Certified Forensic Analyst) are a plus but not required.

What We Offer:

• This position is based in Hong Kong.
• 40 days paid leave per year inclusive of public holidays, which may be taken at the discretion of the employee subject to compliance with our Leave Policy and the approval of their manager. 
• Monday through Thursday are required to be in-office; no scheduled internal meetings on Fridays, unless absolutely necessary.
• Training budget is US$5,000 per calendar year. DFIR team members can apply their Training budget towards one approved SANS training course every 2 calendar years.

Blackpanda is committed to building a culturally diverse company, and we value a broad set of opinions in our team. As we grow, we are looking to build a team with a range of viewpoints at its core, and we encourage applications from minority candidates and all genders however you identify (X/F/M).
Blackpanda does not accept unsolicited resumes from recruitment agencies. We will not be responsible for any fees related to unsolicited candidates submitted by recruiters with whom we have not established explicit, written agreements for our job vacancies. By submitting any candidate information, recruiters agree to forfeit any claim to fees should their candidate be hired without an established agreement with Blackpanda.