Cyber Dfir Analyst

3Columns is a specialist cybersecurity firm delivering a wide range of services from Security Assurance, Security Governance, Professional services and Managed XDR Service. We specialise in the delivery of a most comprehensive MXDR (24 / 7 SOC) service and focus on innovation to detach ourselves from the vendor marketing-fuelled products and services to ensure that our customers get the best service possible.

About the Role :

We are looking for a proactive DFIR Analyst to join our cybersecurity team. You will be responsible for threat hunting, handling escalated incidents, and conducting forensic investigations. The role requires strong problem-solving skills, a keen eye for detail, and the ability to prioritise tasks effectively. We are seeking self-driven individuals who take ownership of their work and communicate effectively. If you’re ready to grow and contribute, apply now!

Key Responsibilities :

• Conduct threat hunting using various techniques to detect hidden threats.
• Investigate escalated security incidents and perform in-depth forensic analysis.
• Analyse Windows OS artifacts, including event logs, registry changes, file system activity, and process execution.
• Perform memory forensics to identify malware, suspicious processes, and evidence of compromise.
• Conduct PCAP analysis to detect malicious network activity.
• Work with various logs to identify potential threats and suspicious activities.
• Understand the attack chain and identify tactics, techniques, and procedures (TTPs) used by adversaries.
• Familiarity with MITRE ATT&CK framework to map adversary tactics, techniques, and procedures (TTPs) during investigations.
• Analyse ransomware and malware TTPs, including initial access, lateral movement, persistence mechanisms, and data exfiltration techniques.
• Document findings, provide regular updates, and collaborate with the team.

Please note : - If you do not have prior experience with Threat Hunting or experience with Digital forensics, your CV will be rejected. This is not an internship role, we are looking for an experienced analyst only. anyone with less than 1 year of hands-on experience will be rejected.