Digital Forensics Analyst

at Triskele Labs

Sydney NSW 2000, New South Wales, Australia

Start Date: Immediate
Expiry Date: 14 Nov, 2024
Salary: USD 140000 Annual
Posted On: 15 Aug, 2024
Experience: 1 year(s) or above
Skills: EnCase, Indicators, Communication Skills, Network Security, Visualisation, Cellebrite, Unix, Operating Systems, Interpersonal Skills, Developments, Windows, Volatility, Incident Response, Digital Forensics, Malware Analysis, Soft Skills, Reporting, Data Analysis, Linux
Telecommute: No
Sponsor Visa: No

Description:

Welcome to Triskele Labs, a premier cybersecurity firm renowned for its exceptional digital forensics and incident response (DFIR) services. Our DFIR team is at the forefront of combating cyber threats, specialising in ransomware and business email compromise investigations. We collaborate with a wide range of insurers and legal professionals to support organisations in the aftermath of cyber incidents, ensuring they are restored to safe and secure operations. By joining Triskele Labs, you will become part of a dynamic and innovative team committed to excellence and professional growth. As a Digital Forensics Analyst, you will play a critical role in safeguarding our clients’ digital assets and helping them navigate the complexities of cyber incidents. Embrace the opportunity to contribute to our mission of making the digital world a safer place, while working within a well-established team that values new perspectives and innovative approaches.
While we work in a hybrid manner, this role will require some on-site work to assist clients who have been impacted. Ideally this role will be located in Perth or Sydney. Out-of-hours (evening and weekend) work will be required, and this is paid. We also run an on-call roster in which all Digital Forensics Analysts take part.

EXPERIENCE

  • 1+ years’ experience in digital forensics and incident response.
  • Extensive experience in digital forensics, incident response, and cybersecurity investigations.
  • Proven track record of conducting ransomware investigations or significant involvement in such cases is highly regarded.
  • Experience conducting Business Email Compromise (BEC) investigations is a minimum requirement.

TECHNICAL SKILLS

  • Proficiency in using digital forensics tools such as EnCase, FTK, X-Ways, Magnet Axiom, KAPE, Volatility, and Cellebrite.
  • Familiarity with Endpoint Detection and Response (EDR) tools such as CrowdStrike and Microsoft Defender.
  • Strong understanding of malware analysis, including static and dynamic analysis techniques.
  • In-depth knowledge of incident response techniques and methodologies.
  • Experience with network security, operating systems (Windows, Unix, Linux), and common threat vectors.
  • Skills with the Elastic Stack for data analysis and visualisation.
  • Ability to analyse and interpret log data from various sources to identify indicators of compromise.

SOFT SKILLS

  • Strong analytical and problem-solving skills.
  • Excellent verbal and written communication skills, with the ability to convey technical findings in a non-technical manner to stakeholders.
  • Detail-oriented with a strong emphasis on accuracy and completeness in investigative work and reporting.
  • Ability to work effectively both independently and as part of a team.
  • Strong interpersonal skills to collaborate with clients and cross-functional teams.

OTHER REQUIREMENTS

  • Ability to stay up-to-date with the latest trends and developments in digital forensics, malware analysis, and incident response.
  • Commitment to maintaining the highest standards of professionalism and integrity in all investigations.
  • Flexibility to work in a fast-paced and dynamic environment, managing multiple investigations simultaneously.

BENEFITS

Team culture is everything to Triskele Labs and it is the reason we exist.

We provide our team a great range of additional benefits such as:

  • Additional days of leave for ‘Birthday Leave’ and ‘Doona Day’
  • Access to a professional external Employee Assistance Program (EAP) for all team members
  • Social functions organised by our People & Culture Team

We are a forward-thinking company and always looking for ways to boost our team culture to ensure we are a destination employer. We continually undertake surveys to seek feedback from our team on ways we can improve our work environment and team member experience at Triskele Labs.

Responsibilities:

  • Incident Response and Management:
      • Conduct digital forensics investigations on compromised systems, networks, and devices.
      • Investigate cybersecurity incidents, breaches, and other security-related events to identify the root cause.
      • Collaborate with internal teams, insurers, and legal professionals to manage incident response activities effectively.
      • Develop and implement strategies to mitigate the impact of cyber incidents and restore affected systems.
  • Forensic Analysis:
      • Perform detailed digital forensic analysis on a wide range of digital devices and data sources.
      • Collect, preserve, and analyse electronic evidence in accordance with legal and regulatory requirements.
      • Undertake static and dynamic analysis of malware samples collected from DFIR engagements.
      • Conduct endpoint analysis and related investigations to identify and contain malware.
      • Prepare comprehensive reports detailing findings, actions taken, and recommendations for remediation.
  • Threat Intelligence and Research:
      • Stay updated on the latest trends and developments in digital forensics, malware analysis, and incident response.
      • Conduct research to identify new forensic techniques and tools to enhance investigative capabilities.
      • Engage in ongoing threat hunting in client environments using SIEM, EDR, and other tools.
  • Process Improvement and Development:
      • Develop and maintain incident response plans and procedures.
      • Continuously assess and enhance incident response processes and procedures.
      • Contribute to the continuous improvement of forensic methodologies and incident response processes.
  • Collaboration and Communication:
      • Collaborate with clients to ensure a comprehensive understanding of their business and technical requirements.
      • Provide clear and concise communication throughout the incident response process.
      • Work closely with cross-functional teams, including cybersecurity, IT, legal, and compliance, to support incident resolution and prevention.
  • Compliance and Best Practices:
      • Ensure all forensic activities adhere to industry standards, regulatory requirements, and best practices.
      • Participate in the development and implementation of policies, procedures, and guidelines related to digital forensics and incident response.
  • Reporting and Documentation:
      • Prepare comprehensive incident reports and documentation, detailing findings, actions taken, and recommendations for remediation.
      • Maintain accurate and detailed records of all investigative activities.


REQUIREMENT SUMMARY

Min: 1.0, Max: 6.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Information Technology

Graduate

Proficient

1

Sydney NSW 2000, Australia