and global ransomware campaigns—in a dynamic, fast-paced environment. Key Responsibilities Lead host- and network-based incident investigations, including triage, system recovery, forensic analysis, malwareanalysis, and root cause assessments. Develop incident response rules and procedures, conduct tabletop exercises, and contribute to incident management planning. Stay … cyber incidents. Proficiency with tools such as: Open-source investigation tools (Wireshark, TCPDump, NetFlow, etc.) Network defense technologies (IDS/IPS, SIEM, Firewalls, etc.) Malwareanalysis tools (IDA Pro, REMnux, sandboxing solutions, etc.) Ability to engage and communicate effectively with senior stakeholders. This is a rare opportunity to More ❯
and global ransomware campaigns—in a dynamic, fast-paced environment. Key Responsibilities Lead host- and network-based incident investigations, including triage, system recovery, forensic analysis, malwareanalysis, and root cause assessments. Develop incident response rules and procedures, conduct tabletop exercises, and contribute to incident management planning. Stay … cyber incidents. Proficiency with tools such as: Open-source investigation tools (Wireshark, TCPDump, NetFlow, etc.) Network defense technologies (IDS/IPS, SIEM, Firewalls, etc.) Malwareanalysis tools (IDA Pro, REMnux, sandboxing solutions, etc.) Ability to engage and communicate effectively with senior stakeholders. This is a rare opportunity to More ❯
Australia. In this role you will work within the Amazon Security Incident Response Team (SIRT). SIRT Security Engineers respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard highly sensitive data. They work hands-on with detection … systems and vulnerability analysis tools to respond to potential threats to Amazon systems. SIRT Security Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis. With your technical expertise, you will be solving security challenges at scale, working … the applications powering the most sophisticated e-commerce platform ever built. We value broad and deep technical knowledge, specifically in the fields of forensics, malwareanalysis, network security, application security, threat hunting, and threat intelligence. This position is based in Sydney, Australia. Key job responsibilities Responding to security More ❯
into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks … ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports on incident … You Are Good At Strong verbal and written communication skills for stakeholder engagement and incident reporting. Deep knowledge of cyber-attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration. Strong hands-on experience with SIEM, EDR, IDS/IPS, and forensic analysis tools. Expertise in threat More ❯
the Amazon internal network. We value broad and deep technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malwareanalysis, forensics, security operations, incident response, and emergent security intelligence. We don't expect you to be an expert in all of the … one high-level programming or scripting language PREFERRED QUALIFICATIONS - 3+ years experience working in security response, security automation tooling, or threat intelligence - Familiarity with malwareanalysis, forensics, SOAR, SIEM platforms, and a variety of Operating Systems (MS Windows, Linux, MacOS) - Experience with Amazon Web Services - Meets/exceeds More ❯
the Amazon internal network. We value broad and deep technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malwareanalysis, forensics, security operations, incident response, and emergent security intelligence. We don't expect you to be an expert in all of the … one high-level programming or scripting language PREFERRED QUALIFICATIONS 3+ years experience working in security response, security automation tooling, or threat intelligence Familiarity with malwareanalysis, forensics, SOAR, SIEM platforms, and a variety of Operating Systems (MS Windows, Linux, MacOS) Experience with Amazon Web Services Meets/exceeds More ❯
understanding of as many of the following areas as possible, and be able to demonstrate it: Security Detection and Monitoring Incident Response Detection Engineering MalwareAnalysis (Static and Dynamic) Threat Hunting and Threat Intelligence (MITRE ATT&CK) Cloud Security Penetration Testing Security Automation (SOAR) It would help if … you had experience with the following: SIEM tools (Microsoft Sentinel, Splunk, ELK, Siemplify) Vulnerability Management (Qualys, Nessus, Nexpose) Anti-Malware/EDR Software (Carbon Black, Microsoft Defender ATP, FireEye, CrowdStrike) Intrusion Detection/Prevention Systems (IDS/IPS) (Suricata, Snort, Bro, Cisco, Palo Alto) Web Proxies (Bluecoat, Zscaler, Squid More ❯
platforms Must have hands-on knowledge of dealing with major security incidents Ability to automate using automation platforms or programming skills is a must Malwareanalysis experience and digital forensics experience is a plus Certification of Cyber Security, Forensic and Incident Response is a plus (CISSP, ECSA, GISP More ❯
and a demonstrated background in information security. We value broad and deep technical knowledge, specifically in the fields of cryptography, network security, software security, malwareanalysis, forensics, security operations, incident response, and emergent security intelligence. Key Responsibilities Confidently and intelligently respond to security incidents, and proactively consider how More ❯
and a demonstrated background in information security. We value broad and deep technical knowledge, specifically in the fields of cryptography, network security, software security, malwareanalysis, forensics, security operations, incident response, and emergent security intelligence. Key Responsibilities Confidently and intelligently respond to security incidents, and proactively consider how More ❯
advanced analytic technologies. Experience with threat detection in Azure Sentinel, Databricks, MPP Databases (Snowflake), or Splunk. Expertise in network, endpoint, and cloud security, cryptography, malwareanalysis, vulnerability assessment, anomaly/intrusion detection, incident response, and offensive security. Proficiency in AI/ML security and automation. Experience with data More ❯
advanced analytic technologies. Experience with threat detection in Azure Sentinel, Databricks, MPP Databases (Snowflake), or Splunk. Expertise in network, endpoint, and cloud security, cryptography, malwareanalysis, vulnerability assessment, anomaly/intrusion detection, incident response, and offensive security. Proficiency in AI/ML security and automation. Experience with data More ❯
to spearhead their Global threat intelligence initiatives and enhance their Cyber Defence strategy. This is a hands-on, technical role focused on Threat hunting, Malwareanalysis, and tracking changes made by Threat Actors. This position plays a key role in shaping the Cyber Defence strategy, driving deliverables, and More ❯
security alerts and logs to detect potential security incidents. Conduct initial triage and assessment of incidents to determine severity and impact. Conduct in-depth analysis of security incidents to determine root cause, scope, and extent of compromise. Analyze malware samples, network traffic, and system logs to identify indicators … reports to identify emerging threats and vulnerabilities. Correlate threat intelligence with security events and incidents to enhance detection and response capabilities. Document incident findings, analysis, and response actions in incident reports and case management systems. Prepare and present post-incident reports to management, stakeholders, and regulatory authorities. Coordinate incident … Manager (CISM) Offensive Security Certified Professional (OSCP) CompTIA Cybersecurity Analyst (CySA+) Experience: Several years of experience in cybersecurity, with a focus on incident detection, analysis, and response. Experience working in a CIRT or SOC environment, preferably in a senior role. Demonstrated expertise in conducting digital forensic investigations and malwareMore ❯
