Senior Cyber Defense & Offensive Security Specialist (Incident Response & Threat)
Role Overview
The Threat Research Advisory team is seeking a highly skilled and versatile cybersecurity professional to lead and execute advanced Digital Forensics & Incident Response (DFIR), Offensive Security Testing, and Cyber Threat Intelligence (CTI) operations. This role requires deep technical expertise, hands-on execution capability, and the ability to operate in high-pressure incident environments while supporting proactive security initiatives. The ideal candidate will bring a blend of forensic investigation, penetration testing, threat intelligence analysis, and automation development, with exposure to legal discovery processes and executive-level cyber risk scenarios.
Key Responsibilities
1. Digital Forensics & Incident Response (DFIR)
- Manage and execute incident response engagements for rapid response retainers, including:
  - Unauthorized access incidents
  - Malware outbreaks and advanced threats
  - Cyber extortion and ransomware attacks
- Perform:
  - Digital evidence acquisition and forensic analysis
  - Deleted data recovery and memory analysis
  - Malware reverse engineering
- Operate under legal frameworks, ensuring alignment with Attorney Work Product and legal privilege requirements
2. Offensive Security & Red Team Operations
- Conduct comprehensive penetration testing and adversary simulations, including:
  - Internal and external network testing
  - Web, cloud, mobile (iOS), and thick client assessments
  - Wireless infrastructure testing
- Execute exploitation techniques such as:
  - SQL injection, cross-site scripting (XSS)
  - Privilege escalation and credential attacks
- Lead Social Engineering campaigns:
  - Phishing, smishing, pre-texting
- Perform Physical Security Assessments:
  - Facility access testing
  - RFID cloning
  - USB payload deployment
3. Cyber Threat Intelligence (CTI) & Threat Hunting
- Monitor and analyze intelligence across:
  - Surface, deep, and dark web environments
- Identify risks such as:
  - Stolen intellectual property
  - Brand impersonation and typosquatting
  - Credential leaks and compromise indicators
- Develop and operationalize:
  - Automation workflows and GenAI-driven threat hunting tools
  - IOC enrichment pipelines and intelligence correlation models
4. CSIRT Operations, Labs & E-Discovery
- Support and operate 24/7 CSIRT functions, including:
  - Alert triage and incident containment
- Deploy and manage:
  - Network Telemetry Analysis (NTA) sensors
  - Full packet capture solutions
- Execute E-Discovery and forensic data processing, including:
  - Predictive coding models
  - Handling and hosting Electronically Stored Information (ESI)
  - Using platforms such as Relativity and Nuix
5. Incident Preparedness & Executive Protection
- Develop and maintain:
  - Incident Response Plans (IRPs)
  - Decision matrices and escalation protocols
  - Executive reporting frameworks
- Conduct:
  - Ransomware simulations and breach exercises
  - Executive tabletop scenarios
- Deliver Executive Identity Protection (EIP) services:
  - Removal of sensitive personal data from public sources and data brokers
Required Skills & Experience
Technical Expertise
- Proven experience in:
  - Multi-vector penetration testing (Network, Web, Cloud, Mobile, Wireless, Physical)
  - DFIR and compromise assessments
  - Malware analysis and reverse engineering
- Strong proficiency with tools such as:
  - Wireshark, Nmap, Recorded Future (or equivalent CTI platforms)
- Experience in:
  - OSINT collection and analysis
  - Network telemetry analysis
Automation & Development
- Strong scripting and development skills in:
  - Python
  - Linux-based environments
- Experience building:
  - Security automation tools
  - Agentic workflows and bot-driven intelligence pipelines
Forensics & Legal Discovery
- Hands-on experience managing:
  - Electronically Stored Information (ESI)
  - Legal discovery workflows
- Familiarity with:
  - Relativity, Nuix, or similar platforms
Certifications
Preferred certifications include:
- Offensive Security Certified Professional (OSCP)
- Certified Ethical Hacker (CEH)
- GIAC Security Essentials (GSEC)
- Additional DFIR or CTI certifications are a plus
Soft Skills & Attributes
- Ability to operate in high-pressure incident scenarios
- Strong analytical and investigative mindset
- Excellent stakeholder communication, including interaction with legal counsel and executives
- Ability to bridge offensive, defensive, and intelligence domains
- Strong documentation and reporting skills
first seen 2026-07-01 08:40:01 · last verified 2026-07-01 08:40:01
pentestcareers.com