Cyble is a cyber intelligence company that empowers organizations with darkweb & cybercrime monitoring and mitigation services.

About the Role:
We are looking for a DFIR Specialist with 5–6 years of experience in cybersecurity, including at least 4 years in Digital Forensics and Incident Response. The role involves leading investigations related to ransomware, insider threats, and data breaches, performing forensic analysis, supporting evidence handling, and collaborating with internal teams to strengthen incident response capabilities. The ideal candidate should have hands-on experience with forensic tools, malware analysis, and a solid understanding of incident response frameworks.

What You’ ll Do:

• Lead and support DFIR investigations including ransomware, insider threats, data exfiltration, and targeted attacks.
• Perform disk, memory, and log forensics using industry tools (e.g., EnCase, FTK, Volatility, X-Ways, etc.).
• Analyze malware samples and reverse engineer payloads when required.
• Support evidence collection and preservation in line with legal and chain-of-custody requirements.
• Generate high-quality incident reports and briefings for internal and client stakeholders.
• Assist in creating and updating forensic playbooks and response procedures.
• Collaborate with SOC, threat intel, and red teaming teams to validate threats and enrich investigations.
• Participate in tabletop exercises and incident simulations for clients.

Technical Skills:

• Proficient with forensic tools like EnCase, X-Ways, Volatility, SleuthKit, Autopsy.
• Experience with EDR platforms (e.g., CrowdStrike, SentinelOne, Carbon Black).
• Solid understanding of Windows/Linux file systems, memory structures, and log artifacts.
• Knowledge of malware behavior and common threat actor TTPs.
• Familiarity with MITRE ATT&CK, NIST IR process, and incident lifecycle.

What You’ll Require:

• Experience: 5–6 years in cybersecurity with minimum 4+ years in DFIR roles.
• Certifications (preferred): GCFA, GCIH, GNFA, CHFI, or equivalent.

About Cyble:

Cyble is revolutionizing the landscape of cybersecurity intelligence. Founded in 2019, Cyble began as a visionary college project and has quickly transformed into a leading force in proactive cyber threat detection and mitigation, that is now globally significant, with people in 20 countries - Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India 

Our mission is clear: to provide visibility, intelligence and cybersecurity protection using cutting-edge advanced technology, giving enterprises a powerful advantage. We democratize real-time intelligence about cyber threats and vulnerabilities, enabling organizations to take proactive measures and maintain robust cybersecurity. We strive to make the digital world a safer place for everyone. 

At Cyble, artificial intelligence (AI) and innovation are central to all operations, with a commitment to continuous improvement and excellence in both products and business practices. Cyble values inclusivity, offering team members autonomy and flexibility to balance their professional and personal lives. Cyble fosters a culture where employees voices are heard, contributions are recognized, and everyone is encouraged to be part of something extraordinary. To learn more about Cyble, visit www.cyble.com.

Our SaaS-based enterprise platform collects intelligence data in real-time across open and closed sources. This enables you to map, monitor, and mitigate your digital risk footprint.

Through a combination of our industry-leading Machine Learning capabilities and our peerless Human Analytics, we deliver actionable threat intel well before your organization is at risk.