We are hiring for a Forensic Analysts (At Multiple Levels) !!
Please Pay Attention Before You Apply
- Please apply only if you are an immediate joiner
- This is a full time position, with from office work only (NO WFH)
- Position is based out of Hyderabad
Company Introduction --
Castellum Labs is a Next Gen Cyber Security Technology Venture that started in 2018, from Hyderabad, India with global ambitions, to change the cybersecurity service model. The company's vision is to change the cybersecurity value model in the industry.
We use SaaS platforms, advanced lab infra in the cloud and a team of specialized experts to deliver long-term value. Castellum Labs primary focus areas in Cyber Security are application security, network and infra security, cloud security, threat detection and response, and Darkweb monitoring and OSINT.
You can find details about Castellum Labs at
Website - www.castellumlabs.com
LinkedIn Page - https://www.linkedin.com/company/castellumlabs
Roles & Responsibilities
- Performs digital forensic analysis on Windows, Apple Mac, and Linux-based operating systems
- Analyze networking appliances including VPN and firewall appliances
- Documents forensic findings and develops a master timeline and visual attack map of events
- Identifies additional sources (systems, logs, etc.) for collection based on analysis
- Addresses gaps in the attack lifecycle (based on the flow and data available)
- Collaborates with the Security Operations Center (SOC) to utilize data from monitoring
- Handles complex and critical security incidents for forensic support
- Delivers forensic findings and updates to the team clearly and concisely
- Narrative outlining event timeline, adjusting delivery to match the audience's technical capabilities
- Tracks findings and captures data points to enrich threat intelligence and inform investigations
- Raises technical constraints and issues within the Forensics team to pinpoint incident details
- Maintains current case analyst notes, the forensic tracker, timeline, and attack map
- Reviews detailed updates on investigative findings, including the timing and method
- Identifies, documents, and shares critical IOCs or adversary TTPs uncovered with IR
- Communicates identified IOCs to the India Tiger Team to advance investigations
- Utilizes incident-mapping frameworks like MITRE's ATT&CK to contextualize adversary actions/IOCs
- Reviews written incident reports, investigative updates & reports as directed by counsel partners
- Communicates within the DFIR team and provides routine status updates
- Write playbook for incident response for the large and medium enterprises
- Conduct simulations for incidents/attack and organize workshops for customers
- Design custom incident response process for the enterprise category global customers
- Design, organize and conduct table top exercises for the customers (for incident response)
- Collaborates with cross-functional teams to leverage threat intel TTPs/IOCs
- Reviews reports & appendices based on findings using standard templates
- Accurately tracks and records time for forensic analysis
- May perform other duties as assigned by management
Skills And Knowledge
- Deep understanding of forensic artifacts, including analysis of operating system artifacts
- Understanding recovery of deleted items from Windows, Linux, Mac & RAM/memory forensics
- Thorough experience analyzing network and operating system log files
- Windows Event logs, Unified Audit Logs, Firewall logs, VPN logs should have dealt with
- Thorough knowledge of Windows disk and memory forensics
- Good work on Network Security Monitoring (NSM), network traffic analysis
- Work experience & knowledge on log analysis, Unix or Linux disk and memory forensic
- Proficiency with enterprise security controls (as per different compliances/standards)
- Master of delivering technical findings to non-technical audiences
- Ability to provide findings confidently and factually
- Experience with Cyber insurance investigations
Job Requirements
- Bachelor's degree in comp science, info security, digital forensics or cyber security
- 1 to 3 years of incident response or digital forensics experience or
- Solid knowledge of tools like EnCase, Axiom, FTK, X-Ways, SIFT
- Experience on Splunk, Redline, Volatility
- Exp on Wireshark, TCP Dump
- Good working experience on open-source forensic tools
Note --
- Not a 9 to 5 role (Needs deep involvement and no time constraints should be there)
- Needs an intent to get deeper into the cyber security areas across whole cyber spectrum
Four Important Points -- >>
A. Please avoid applying, if you are looking for a generic job profile
B. Please also avoid applying, if you are hunting for a salary
C. Avoid applying if you are looking for a designation
D. Don't apply if you are looking for a 9 to 5 job.
Please apply within next three days. We will be closing all of these applications within a week.
