Security Engineer (DFIR Lab)

OverviewManage and maintain the DFIR Lab’s infrastructure, hardware, software, process and documentation.ResponsibilitiesMaintain and manage the team’s DFIR Lab’s hardware and software systems, ensuring availability and performance for the team engagementsKeep the team’s DFIR Lab’s asset inventory up to date and contribute to the process of license renewals, purchases and budgetingDeploy, configure and maintain forensic and incident response tools like EnCase, Magnet Axiom, FTK, Cellebrite, THOR, Velociraptor, KAPE, IDA Pro, etc.Configure and optimize forensics workstations and laptops, war laptops, servers and storage systemsEnsure the team’s DFIR Lab adheres to security, privacy and data integrity standardsImplement access controls, logging, audit trails and monitoring solutions to secure the lab environmentEvaluate and contribute to the testing and recommendation of new tools and technologies to enhance the Lab’s capabilitiesDevelop and maintain scripts or automation tools to streamline workflows and improve efficiencyContribute to process documentation and continuous service improvement activitiesCreate and update SOPs for lab operationsDocument forensic processes, lab configurations and tool usage guidelinesCollaboration with customers to deploy hardware and software for assessments and incident response engagementsExecute lab tasks in support of cyber incident response engagementsProficiency with Digital Forensics & Incident Response tools (Cellebrite, THOR, Velociraptor, KAPE, IDA Pro, Security Onion, FTK Imager, Magnet Axiom, EnCase and others)Good understanding of Incident Response and Digital Forensics tools deployment and functionalities such as EDR, NDR, forensic artifact collectors, intrusion detection, security monitoring, log managementExperience with digital forensics software and equipment such as write blockers, specialized cables and wires in a technical environment, forensics workstations, forensics laptops, adapters and connectorsExperience with (or at least knowledge of) evidence management and data acquisition in a lab in terms of supporting incident response and digital forensicsGood Experience with Linux system structure, commands, functions and toolsGood Experience with networking devices: switches, routers and firewallsUnderstanding of storage devices such as NASGood Experience with virtualization using VMWare ESXi (Nutanix and other virtualization software knowledge would be a plus)Knowledge of building baseline system configurations for servers and workstationsGood Experience and familiarity with server and desktop operating systems for Windows, Linux/Unix and MacExperience in managing cloud-based environmentsQualificationsDesired certifications in a minimum of one discipline: Incident Response, Digital Forensics, Cloud Computing, Linux/Windows Administration, Penetration Testing, Security Engineering such as CCE, CHFI, GCFE, INE Security, Microsoft/Azure/VMware/RedHat certificationMinimum Work Experience5+ years working in a technical lab, data center, DFIR or System Engineering teams with hands‑on experience in setting up scalable technical environments.EducationBachelor’s degree in computer science, Cybersecurity, Information Technology or Engineering is desirable, but not mandatory.#J-18808-Ljbffr