Senior Cyber Defense & Offensive Security Specialist (Incident Response & Threat)

EA Team, Inc.· United States· Posted 2h ago· via Dice

Role: Senior Cyber Defense & Offensive Security Specialist (Incident Response & Threat)

Role Overview

The Threat Research Advisory team is seeking a highly skilled and versatile cybersecurity professional to lead and execute advanced Digital Forensics & Incident Response (DFIR), Offensive Security Testing, and Cyber Threat Intelligence (CTI) operations. This role requires deep technical expertise, hands-on execution capability, and the ability to operate in high-pressure incident environments while supporting proactive security initiatives. The ideal candidate will bring a blend of forensic investigation, penetration testing, threat intelligence analysis, and automation development, with exposure to legal discovery processes and executive-level cyber risk scenarios.

Key Responsibilities

1. Digital Forensics & Incident Response (DFIR)

- Manage and execute incident response engagements for rapid response retainers, including:
  - Unauthorized access incidents
  - Malware outbreaks and advanced threats
  - Cyber extortion and ransomware attacks
- Perform:
  - Digital evidence acquisition and forensic analysis
  - Deleted data recovery and memory analysis
  - Malware reverse engineering
- Operate under legal frameworks, ensuring alignment with Attorney Work Product and legal privilege requirements

2. Offensive Security & Red Team Operations

- Conduct comprehensive penetration testing and adversary simulations, including:
  - Internal and external network testing
  - Web, cloud, mobile (iOS), and thick client assessments
  - Wireless infrastructure testing
- Execute exploitation techniques such as:
  - SQL injection, cross-site scripting (XSS)
  - Privilege escalation and credential attacks
- Lead Social Engineering campaigns:
  - Phishing, smishing, pretexting
- Perform Physical Security Assessments:
  - Facility access testing
  - RFID cloning
  - USB payload deployment

3. Cyber Threat Intelligence (CTI) & Threat Hunting

- Monitor and analyze intelligence across:
  - Surface, deep, and dark web environments
- Identify risks such as:
  - Stolen intellectual property
  - Brand impersonation and typosquatting
  - Credential leaks and compromise indicators
- Develop and operationalize:
  - Automation workflows and GenAI-driven threat hunting tools
  - IOC enrichment pipelines and intelligence correlation models

4. CSIRT Operations, Labs & E-Discovery

- Support and operate 24/7 CSIRT functions, including:
  - Alert triage and incident containment
- Deploy and manage:
  - Network Telemetry Analysis (NTA) sensors
  - Full packet capture solutions
- Execute E-Discovery and forensic data processing, including:
  - Predictive coding models
  - Handling and hosting Electronically Stored Information (ESI)
  - Using platforms such as Relativity and Nuix

5. Incident Preparedness & Executive Protection

- Develop and maintain:
  - Incident Response Plans (IRPs)
  - Decision matrices and escalation protocols
  - Executive reporting frameworks
- Conduct:
  - Ransomware simulations and breach exercises
  - Executive tabletop scenarios
- Deliver Executive Identity Protection (EIP) services:
  - Removal of sensitive personal data from public sources and data brokers

Required Skills & Experience

Technical Expertise

- Proven experience in:
  - Multi-vector penetration testing (Network, Web, Cloud, Mobile, Wireless, Physical)
  - DFIR and compromise assessments
  - Malware analysis and reverse engineering
- Strong proficiency with tools such as:
  - Wireshark, Nmap, Recorded Future (or equivalent CTI platforms)
- Experience in:
  - OSINT collection and analysis
  - Network telemetry analysis

Automation & Development

- Strong scripting and development skills in:
  - Python
  - Linux-based environments
- Experience building:
  - Security automation tools
  - Agentic workflows and bot-driven intelligence pipelines

Forensics & Legal Discovery

- Hands-on experience managing:
  - Electronically Stored Information (ESI)
  - Legal discovery workflows
- Familiarity with:
  - Relativity, Nuix, or similar platforms

Certifications

Preferred certifications include:

- Offensive Security Certified Professional (OSCP)
- Certified Ethical Hacker (CEH)
- GIAC Security Essentials (GSEC)
- Additional DFIR or CTI certifications are a plus

Soft Skills & Attributes

- Ability to operate in high-pressure incident scenarios
- Strong analytical and investigative mindset
- Excellent stakeholder communication, including interaction with legal counsel and executives
- Ability to bridge offensive, defensive, and intelligence domains
- Strong documentation and reporting skills

first seen 2026-07-01 08:40:01 · last verified 2026-07-01 08:40:01