Principal Threat Engineer (Digital Forensics)
Nordic Recruitment & Consulting offers efficient IT and rare language recruitment and business consulting in Bulgaria - and beyond.
With long experience in recruitment, we value above all the things that make us successful through the success of our clients, candidates and partners: trustworthiness, good communication, a can-do attitude, finding solutions, being flexible and being available. We also have a genuine passion for what we do.
The client is a leading American technology services and products provider with a strong presence in Bulgaria. They are currently expanding their Cyber Security capabilities and have chosen Bulgaria as the location to realise this.
Developing new and novel defense techniques to identify and stop advanced adversary tactics and techniques
Performing forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks, and extracting IOCs (Indicators of Compromise) and TTPs (Tactics, Techniques, and Procedures)
Investigating incidents leveraging forensics tools including EnCase, FTK, X-Ways, Axiom, SIFT, and Splunk to determine the source of compromises and the malicious activity that occurred
Collecting, analyzing, assessing, and disseminating information about cyber threats and potential attacks
Conducting human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools
Working closely with other members of the Information Security team to lead changes in the company's defense posture
Work Experience: 10+ years; 5+ directly related to role
3+ years of strong hands-on experience in digital forensics examinations and/or investigations using the EnCase tool.
3+ years of experience in law enforcement (deputized) investigations (fraud, counter-intelligence, high-tech crimes, etc.).
Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security
Strong understanding of vulnerabilities and common attack vectors, and an attacker mindset: the ability to think about creative threats and attack vectors.
Strong communication skills - English C1
Experienced with EnCase, FTK, X-Ways, Axiom, SIFT, Splunk, Elastic Stack, Redline, Volatility, Wireshark, tcpdump, and open source forensic tools.
Proficiency with at least one interpreted programming language (Python, Ruby, etc.)
Relevant security certifications (EnCE, OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA).
Nordic Recruitment & Consulting's recruitment rights and activities are based upon Recruitment Licence No. 2022 (issued 01.04.2016). Services of Nordic Recruitment & Consulting are fully free for the candidates.