Digital Forensics and Incident Response consultant

ABOUT GROUP-IB:

Founded in 2003 and headquartered in Singapore, Group-IB is a leading creator of cybersecurity

technologies to investigate, prevent, and fight digital crime. Combating cybercrime is in the company’s DNA, shaping its technological capabilities to defend businesses, and citizens, and support law enforcement operations.

Group-IB’s Digital Crime Resistance Centers (DCRCs) are located in the Middle East, Europe, Central Asia, and Asia-Pacific to help critically analyze and promptly mitigate regional and country-specific threats. These mission-critical units help Group-IB strengthen its contribution to global cybercrime prevention and continually expand its threat-hunting capabilities.

Each of us can help make the world a safer place. Join us!

ABOUT THE ROLE:

This is a high-impact, hands-on role that puts you on the front lines of some of the most challenging incident response and threat hunting engagements. You’ll work across diverse industries, confronting real-world cyber threats and helping clients recover from complex incidents. Your expertise will directly shape outcomes, protect critical infrastructure, and contribute to a safer digital environment.

This role is ideal for professionals eager to sharpen their DFIR skills while operating in fast-paced, high-stakes environments.

YOUR MISSION

• Conduct root cause analysis to determine the initial attack vector in security incidents.
• Lead incident response engagements, including containment, eradication, and recovery guidance.
• Acquire and analyze disk and memory forensic images, as well as perform triage analysis.
• Recover deleted data, trace file execution, and validate indicators of compromise (IOCs).
• Develop attack hypotheses using adversary TTPs mapped to the MITRE ATT&CK framework.
• Prepare and deliver clear, actionable reports and findings to both technical and non-technical stakeholders.
• Maintain composure and communicate effectively in high-pressure, time-sensitive incidents.

WHAT SUCCESS LOOKS LIKE:

• Minimum first hands-on experience in Digital Forensics and Incident Response.
• Bachelor’s degree in Cybersecurity, Computer Science, Information Security, or equivalent professional experience.
• Proficiency in analyzing forensic artifacts such as:
• Windows registry
• Master File Table (MFT)
• Prefetch files
• Shellbags
• Event logs
• Experience working with EDR platforms and SIEM solutions.
• Strong understanding of attacker methodologies, MITRE ATT&CK, and the intrusion kill chain.

Additional requirements:

• Excellent communication skills.
• Strong problem-solving mindset and attention to detail.
• Ability to remain calm under pressure during active incidents.
• One or more of the following: GCFA, GCIH, GNFA, GCFE, CHFI, GCFR, OSCP, or similar.

OUR WORK ENVIRONMENT & CULTURE:

At Group-IB, we believe that employee happiness is fundamental to success. We foster a supportive, inclusive, and dynamic workplace where every team member is empowered to grow. Whether you’re aiming to deepen your expertise, step into leadership, explore new departments, or take your career abroad, we provide diverse opportunities for professional development.

Our team is made up of specialists from around the world who bring deep international expertise and thrive on solving complex challenges. You’ll be working with cutting-edge technologies recognized globally by Gartner, IDC, and Forrester, and contributing to projects that span across 60 countries alongside 450+ partners and 500+ clients.

We take pride in our multicultural, values-driven culture—where mutual respect, collaboration, and shared goals unite us across borders. And with Group-IB’s continued global growth and financial stability, your career trajectory here can accelerate faster than in most traditional environments.

WHAT DO WE OFFER :

• Flexible Work Schedule
• We don’t believe in fixed hours—what matters is impact, not time spent. You have the freedom to design your own workday in a way that drives results and balance.
• Comprehensive Health Coverage
• Your well-being comes first. We offer health insurance to support you when it matters most.
• Certifications & Continuous Learning
• Our team holds over 1,000 globally recognized certifications, including CEH, CISSP, OSCP, and more. Through our incentive program, we cover the cost of professional development—because your growth fuels our innovation.
• Meaningful Challenges & Growth Paths
• From soft skills development to advanced technical training, a wide range of internal programs help you expand your skill set—and earn recognition and rewards along the way.
• Entrepreneurial spirit is encouraged
• We value initiative. Whether it’s launching a tech blog, organizing events, building communities, or starting a sports team—Group-IB is a place where bold ideas are supported and celebrated. .