Digital Forensics Incident Response Engineer

SUMMARY:

TTS is seeking a highly skilled Incident Responder to join our advanced cyber security operations team. The successful candidate will play a crucial role in handling cybersecurity incidents, ensuring the confidentiality, integrity and availability of our digital assets. This role requires a deep understanding of digital forensics, operating systems, file systems, and network protocols to effectively respond and investigate to security, privacy, and policy incidents. The Incident Responder will collaborate closely with security stakeholders, legal teams, and business leaders, providing objective and professional analysis to drive informed decision-making. Additionally, the role involves defining policies, standard procedures, and performing the necessary steps to ensure the proper collection, analysis, and archiving of digital artifacts.

What You’ll Be Doing:

• Demonstrate sound professional judgment and strong security ethics, while guiding and mentoring others to uphold.
• Report common and repeated problems to management through trend analysis, proposing process and technical improvements.
• Stay informed of the latest vulnerabilities, exploits, and other relevant threat-related information.
• Assume ownership of security incidents and requests, providing comprehensive monitoring, tracking, and communication throughout the incident response lifecycle.
• Develop and refine internal Digital Forensics and Incident Response (DFIR) policies and procedures.

Requirements

Qualifications:

• Proven experience in digital forensics and incident response.
• Strong background in handling security incidents and threats, particularly those posing risks to sensitive or confidential data.
• In-depth understanding of OS internals related to monitoring and threat detection across Windows, Linux, and OSX environments.
• Strong understanding of cloud security, with the ability to identify, analyze and mitigate cloud-based threats and vulnerabilities.
• Familiarity with compliance regulations, security frameworks, and standards (e.g., NIST, HIPAA, ISO, COBIT, OWASP, ITIL).

Technical Skills:

• Proficiency with open-source tools such as Autopsy, The Sleuth Kit, Kali Linux, and Volexity Volatility.
• Experience with commercial tools like Magnet Axiom, FTK, Cellebrite, and Blackbag.
• Ability to deobfuscate and conduct basic cryptanalysis of potentially malicious content.
• Skilled in both behavioral and static malware analysis.
• Competency in scripting languages such as Bash, Python, and PowerShell.

Added Bonus If You Have:

• Knowledge of the automotive, manufacturing, or software industries.