Digital Forensic Incident Response Analyst at Cryptocurrency Trading Firm

Who is Recruiting from Scratch: 

Recruiting from Scratch is a premier talent firm that focuses on placing the best product managers, software, and hardware talent at innovative companies. Our team is 100% remote and we work with teams across the United States to help them hire. We work with companies funded by the best investors including Sequoia Capital, Lightspeed Ventures, Tiger Global Management, A16Z, Accel, DFJ, and more. 

If you are a fit, the team will reach out to you about this role or any others that may be a fit for our clients.

Our Client

Founded in 2013, our client is a crypto market maker with more than 300 employees in 5 countries. They provide billions of dollars of liquidity to cryptocurrency protocols and exchanges on a daily basis. They build long-term relationships with cryptocurrency communities and traditional investors by offering exceptional service, expertise and trading capabilities tailored to their specific needs.

Our client works with token issuers, traders, investors, miners, and more than 60 cryptocurrency exchanges around the world. In volatile markets they are a trusted partner to crypto native builders and to those exploring the industry for the first time. 

Their team of veteran finance and technology executives from Goldman Sachs, Two Sigma, Citadel, and Tower Research among others, has developed one of the world’s fastest and most robust trading platforms designed to navigate issues unique to the digital asset markets. They have continuously improved their technology throughout their history, allowing for their clients to scale and execute their strategies with the highest level of efficiency.

Working at our client is an opportunity to be deeply embedded in every major sector of the cryptocurrency ecosystem.

About the Role

They are looking for an experienced digital forensic incident responder to join their global and highly specialist Information Technology team. You will work investigating attacks against our client while performing deep forensic analysis to determine attack vectors, TTP and more

This position requires strong knowledge of security concepts, digital forensics, incident response, cloud security (AWS) and programs (threat intelligence, incident management, threat hunting).  Your contribution will be fundamental to shaping the firm's IT security ecosystem. 

Responsibilities

• Responsible for the operation and execution of the forensic activities within the Cybersecurity Operations
• Participate in threat hunting missions and remediate gaps that are identified
• Perform deep-dive, incident response-oriented forensic analysis on media identified in potential security incidents 
• Collect, analyze, and properly preserve digital evidence from our client's laptops, desktops, servers and cloud assets.
• Ensure appropriate tracking and handling of events to meet audit and legal requirements. 
• Perform proactive analysis and reporting of cyber threats and security anomalies 
• Monitor for alerts from security tools and responds with an intelligence-driven, investigative analysis approach.

Some Deliverables

• Ensure all the documentation is generated with the quality standards required by each of the incidents and data collection requests
• Escalate incidents as needed, for further immediate action and support 
• Conduct and assist with the incident response (investigate, analyze, and remediate incidents) including assisting with cyber threat intelligence research.

Your Profile

• Three or more years of experience in a large organization performing active incident response work and performing such work for large customers 
• Solid understanding of Linux and macOS Operative system
• Knowledge of anti-forensics tactics, techniques, and procedures
• Skill in analyzing memory dumps to extract information
• Experience with AWS 
• Experience with tools such as Celebrite to perform triage, live data acquisition and targeted data collection  
• Experience with EnCase, FTK, CyFIR, or similar forensic analysis platforms 
• Experience performing digital forensics on macOS and iOS systems 
• Knowledge of Monitoring (SIEM) and Detection (EDR)
• Knowledge of the MitreATT&CK framework
• Strong written and communication skills

One or more certifications of the following:

• CFCE (Certified Forensic Computer Examiner)
• GIAC Certified Forensic Examiner (GCFE)
• GIAC Network Forensic Analyst (GNFA)
• EnCE (EnCase Certified Examiner)
• EnCEP (EnCase Certified eDiscovery Practitioner)
• GASF (GIAC Advanced Smartphone Forensics)

Benefits: 

A collaborative and transparent company culture founded on Integrity, Innovation and Performance. Competitive Salary with two discretionary bonus’ payments a year. Benefits such as Healthcare, Dental, Vision, Retirement Planning, 30 days holiday and free lunches when in the office. 

Hybrid working pattern in all of their offices from London, New York, Singapore, Zug and Malaga.

Regular Town Halls and off-sites, team lunches and drinks. 

A Corporate and Social Responsibility program as well as charity fundraising matching and volunteer days.   

Immigration and relocation support where required.