
Senior DFIR Engineer

Tyler Technologies, Orono, ME

Job Description

Description

The Senior DFIR Engineer is responsible for investigating and leading security incidents, conducting forensic analysis, and enhancing the organization's ability to detect, respond to, and recover from cyber threats across the enterprise. The Senior DFIR Engineer is expected to possess in-depth knowledge relating to one or more of the domains of responsibility of the Security Incident Response Team including Digital Forensics, Incident Response and Reverse Engineering Malware.

Responsibilities

  • Develop and implement corporate security policies, standards, processes and procedures related to Incident Response.

  • Utilize and oversee the use of forensic tools and software.

  • Perform malware analysis to understand attacker tactics, techniques, and procedures (TTPs).

  • Assist in the development and improvement of incident response playbooks and processes.

  • Cross-train and help to develop team members that perform security incident investigations.

  • Prepare and review detailed reports and documentation of findings for both technical and non-technical audiences.

  • Delegate responsibilities and assignments to team members as applicable.

  • Respond to, investigate and resolve security incidents for Tyler.

  • Work with groups across Tyler to improve Enterprise security.

Qualifications

  • Bachelor's degree in IT, Cybersecurity, Digital Forensics, or related area of study, or comparable work experience

  • 5+ years of progressively increasing responsibility in the implementation and use of incident response methodologies and forensic investigations.

  • Understanding of MITRE ATT&CK and cyber kill chain.

  • Must have (or be willing to obtain and maintain) one or more certifications in a focus area related to incident response and digital forensics (GCIH, GCFA, GREM, etc.)

  • Familiarity with cloud security and forensics

  • Advanced proficiency in one or more of the following security concepts:

      • Digital Forensic Investigations

      • Incident Response and Digital Evidence Preservation

      • Malware Reverse Engineering

      • Network Forensic Investigations

      • Operating System Weaknesses

      • Perimeter Security (firewalls, intrusion detection, etc.)

      • Regulatory compliance: PCI-DSS, SOX, HIPAA

  • Strong analytical and problem-solving skills

  • Required to undergo and satisfactorily pass a fingerprint background check in accordance with CJIS requirements.
