What are the responsibilities and job description for the DFIR Engineer position at Ellington Cyber Academy?
Ellington Solutions is seeking qualified candidates with practical experience in Digital Forensics & Incident Response (DFIR) who will:
- Carry out comprehensive forensic examinations on endpoints
- Conduct proactive threat hunting
- Work in conjunction with SOC Tier 2 analysts to offer technical insights
- Evaluate and address cyber threats in real-time
- Participate in investigations related to incident response
- Utilize advanced security tools (e.g., CrowdStrike, Splunk)
- Engage in team meetings, share knowledge, and contribute to process enhancements
- Uphold high standards of communication and documentation
The qualified candidates will have:
- U.S. Citizenship (Required)
- At least five years of experience in Cybersecurity or a similar discipline
- Proficiency in one or more cloud platforms and familiarity with cloud security practices
- Comprehension of computer networking principles and protocols, along with network security methods such as network traffic analysis and packet-level scrutiny using tools like Wireshark and tcpdump
- Familiarity with Windows and Unix ports and services
- Familiarity with current identity and access management strategies
- Hands-on experience with automation, machine learning, and/or artificial intelligence
- Knowledge of various types of digital forensics data, with the capability to identify and collect persistent data
- Understanding of different file system architectures (e.g., New Technology File System [NTFS], File Allocation Table [FAT], Extended File System [EXT]), and awareness of which system files (e.g., log, registry, and configuration files) contain relevant information and their respective locations
- Knowledge of protocols for the collection and preservation of digital evidence
- Proficiency in Digital Forensics & Incident Response (DFIR), as well as expertise in Threat Hunting and Incident Response at a Tier 3 level
- Strong communication, organizational, and collaborative skills