Digital Forensics & Incident Response (DFIR) Analyst
Hong Kong
Applications have closed
Blackpanda
Top-tier incident response, continuous vulnerability assessments, and seamless access to cyber insurance—all in one SaaS platform. Priced at less than 10% of traditional IR. Designed for MSPs. Suitable for any Distributor. Cyber Resilience...
Our story: Blackpanda Group is Asia's leading local cyber incident response firm, dedicated to delivering world-class digital emergency response services to businesses in the region. We help businesses strengthen their cyber resilience and secure their digital operations by supporting them with incident response delivered by local experts and cyber insurance underwritten by our Lloyd’s of London coverholder Pandamatics Underwriting. Our mission is to make cyber resilience achievable for all, with services and solutions designed for the Asian market.
Our Mission: To democratize cyber resilience.
Our Vision: A world where organizations of all sizes have access to best-in-class cyber incident response and insurance solutions, so they can conduct business securely and sustainably.
Blackpanda does not accept unsolicited resumes from recruitment agencies. We will not be responsible for any fees related to unsolicited candidates submitted by recruiters with whom we have not established explicit, written agreements for our job vacancies. By submitting any candidate information, recruiters agree to forfeit any claim to fees should their candidate be hired without an established agreement with Blackpanda.
Responsibilities and Duties:
- Assist senior responders in managing and mitigating cyber incidents.
- Must operate the emergency hotline for clients, with potential work outside normal hours, compensated with equivalent time off.
- Take the lead on deploying and troubleshooting Endpoint Detection and Response (EDR) in customer environments during incident response.
- Participate in the identification, containment, eradication, and recovery phases of incident response.
- Document incident response activities and findings accurately and promptly.
- Collect, preserve and analyze digital forensic evidence from various types of devices, including computers, mobile devices, and network equipment.
- Assist in proactive threat hunting activities to identify potential security incidents.
- Assist in enhancing existing and creating new Standard Operating Procedures (SOPs) for incident response processes.
- Assist in the deployment, configuration, evaluation and maintenance of Digital Forensics tools and infrastructure.
Requirements:
- Familiar with operating system, network, application and cybersecurity concepts.
- Keen attention to detail in analyzing and mitigating cybersecurity threats, ensuring thorough examination and precise implementation of security measures.
- Knowledge of Windows and Linux operating systems, including system configuration, network configuration, log review, and process and memory analysis.
- Proficiency in scripting languages like Python and Bash for accomplishing straightforward tasks.
- Experience in investigating security breaches using various security products, including Antivirus, EDR, SIEM, Firewalls, etc.
- Good documentation skills for recording findings and writing reports.
- Possesses strong problem-solving and analytical skills, with a proactive approach to finding answers and a continuous drive to learn and improve; seeks help when unsure about a problem or situation.
- Capable of prioritizing tasks to meet deadlines effectively while maintaining composure and efficiency in high-pressure situations, such as incident response and managing distressed clients.
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- 3+ years of Cybersecurity working experience.
- Native Cantonese speaker with fluent English communication skills.
- Relevant certifications (e.g. CompTIA Security+, GIAC Certified Forensic Examiner, GIAC Certified Forensic Analyst) are a plus but not required.
What We Offer:
- This position is based in Hong Kong.
- 40 days paid leave per year inclusive of public holidays, which may be taken at the discretion of the employee subject to compliance with our Leave Policy and the approval of their manager.
- Monday through Thursday are required to be in-office; no scheduled internal meetings on Fridays, unless absolutely necessary.
- Training budget is US$5,000 per calendar year. DFIR team members can apply their Training budget towards one approved SANS training course every 2 calendar years.
Categories:
Analyst Jobs
Forensics Jobs
Incident Response Jobs
Tags: Antivirus Bash Compliance CompTIA Computer Science DFIR EDR Firewalls Forensics GIAC Incident response Linux Python SANS Scripting SIEM Windows
Perks/benefits: Career development Team events
Region:
Asia/Pacific
Country:
Hong Kong