Senior DFIR Consultant (f/m/x)

Flexitime Trusted working hours

40 hours / week

Monday - Friday No on-call duty

Freely selectable

Casual Business for client contact

Up to 100%

Project-dependent Approx. 1 week / month To client organizations Germany-wide

DCSO GmbH

Founded independently by Allianz, BASF, Bayer & Volkswagen Competence center & service provider for the IT security of Germany's top businesses

50 - 199

Internet & Information Technology

Absolute vendor neutrality All profits are fully invested in DCSO's own research & development as well as strategic projects Protects the German economy from hackers, industrial espionage & sabotage Customer base that primarily consists of DAX & MDAX companies Techonological pioneer for the automation of assessment processes Market leader for cloud vendor auditing

Website Twitter Xing LinkedIn

Familiar & dynamic working environment Opportunities to actively shape processes & systems

Home Office or Berlin EUREF-Campus (Co-payment & assistance in case of relocation) and Approx. 1 Week / Month at clients in Germany (Full coverage of any costs, travel time counts as working hours)

Accessibility: Easy access with public transport

Own Campus View into greenery Numerous shops for everyday needs e. g. Various restaurants Staff restaurant(s) Canteen discounts

Modern office building Bright rooms Short distances to colleagues Cooling ceilings New building Modern equipment High comfort 2-3-person offices or 4-6-person offices

Height-adjustable desk Docking station Laptop Smartphone Landline telephone Ergonomic equipment Individual materials available on request

Collegial cohesion Christmas party Various team events / company trips Familial interaction Positive working atmosphere

Kitchen Modern coffee machine Free coffee / tea Free water Various other free drinks Refrigerator Microwave Fruit basket Snacks WiFi (also for private use) Bike basement Shower(s) Gym BusinessBike Job Ticket Unique network

Between 95.000 and 110.000 Euro Gross Per Year Depending on experience Payout in 12 monthly salaries Regular salary adjustment

Success-based bonus possible

30 days / year

Compensated through leisure time

Various other employee offers e. g. Employer-financed company pension plan Parental leave Meal allowance Health offers / health campaigns Mobile working Sabbatical possible Subsidized gym Subsidized lunch Numerous additional remunerations

5-10 direct colleagues

Diverse / From young to old

Nationwide

German English

Flat hierarchies Reporting to > Head of department

Individually customizable Internal & external training Any time in consultation with management Soft-skill trainings Technical seminars / trainings Comprehensive training program

Annual salary reviews Variety of career / promotion opportunities Depending on performance Various career paths possible

Growing & steady industry Pioneer on the future market landscape Permanent contract

Strategies & technical solutions for the successful defense of the German economy Against criminal hacker attacks, industrial espionage & sabotage Sucessful response to & mitigation of IT-forensic incidents in client organizations

Conducting digital forensic investigations & providing operational assistance in actions in the context of incident response projects In compliance with prevailing laws & client policies Ad hoc programming solutions using pragmatic approaches Providing operative assistance in digital forensic operations Leading technical projects & initiatives in order to derive actions & assess risk & conditional restraints Closely collaborating with internal & external security teams, the legal department & executives of client organizations Regularly interacting with experienced IT specialists across all domains Formulating recommendations to avoid & mitigate technical obstacles in the future Assisting in cross-organizational problem-solving efforts Communicating complex technical subject matters & circumstances to client representatives in a manner suited to the client audience Documenting & preserving investigation processes, analyses & results

THOR ELK Plaso Timesketch GRR Linus (CLI) Markdown LaTeX

Colleagues Members of other teams Members of other IT security teams Colleagues from IT operations Colleagues in the legal department Lower-ranked employees One / few superiors Existing clients Management- & C-level executives of client organizations

1-10 persons

None

None

At least 5 years In the field of SOC CERT or (DF)IR

e. g. as Security Analyst Incident Response Engineer Digital Forensics Specialist IT Security Expert

Irrelevant

Required: Strong technical know-how or experience in Windows or Linux forensics File system forensics Data storage forensics THOR log analysis State-of-the-art IR tools Linux (CLI) & scripting Advanced persistent threats (APT) & their tactics, techniques, & procedures (TTP) esp. Lateral Movement Ransomware victim support Consulting, planning, & execution of remediation Experience with enterprise IT standards & processes & their application to business requirements Technical consulting & technical writing skills Ability to perform well in multitasking- & interrupt-driven working environments Experience in or ability to work with executives in crisis & emergency situations Willingness to relocate to Germany Advantageous: Basic knowledge of malware analysis Experience in creating YARA / Sigma signatures Basic programming skills e. g. with Python Go Interest in topics revolving around security & open source software Ability to understand & learn new concepts & techonologies High willingness to travel Experience in technical writing with Markdown or LaTeX Experience working with ELK, Plaso, Timesketch, GRR or THOR

Strong Written & Oral Communication skills Including on Senior Management Level Assertiveness Negotiation skills Self-confidence Determination Flexibility Empathy Teamwork Sociableness Humour

Reliable Resilient Analytical Cross-functional Client-oriented Creative Pragmatic Structured Solution-oriented Independent

At least Apprenticeship Bachelor Master or More than 5-10 years of relevant professional experience

IT & Technology IT Security IT Forensics

German Good (B1) and English Business fluent (C1) Spoken & written