Digital Forensic Analyst

Triskele Labs is a leading cybersecurity service provider in Australia, specializing in risk management and incident response. We are the largest CREST Registered Penetration Testing company in Melbourne and operate a 24x7x365 onshore Security Operations Team.

Our Digital Forensics and Incident Response (DFIR) team assists clients in preventing and responding to cyber-attacks, providing rapid recovery, root cause analysis, and data breach assessments. We leverage expertise across offensive and defensive cybersecurity disciplines, delivering comprehensive reports with findings and recommendations.

We are seeking a DFIR Analyst to lead incident response engagements from start to finish across various channels, providing expert advice during high-pressure situations and managing workloads based on incident severity and team priorities.

Key Responsibilities:

• Conduct DFIR investigations in diverse environments, including outside of normal hours.
• Communicate technical findings effectively to both technical and non-technical audiences.
• Analyze images, logs, and malware samples (static and dynamic analysis).
• Develop targeted threat hunts based on client industries.
• Document procedures, findings, and enhance internal methodologies.
• Provide leadership and guidance during incidents.

Qualifications:

• At least 1 year of DFIR experience.
• Understanding of incident response lifecycle and attacker TTPs.
• Strong forensic investigation skills, including chain of custody, malware analysis, and investigation protocols.
• Excellent analytical, communication, and interpersonal skills.
• Ability to work independently, remotely, and collaboratively.

Technical Skills:

• Experience with EDR tools: SentinelOne, Crowdstrike, Microsoft Defender, Carbon Black.
• Familiarity with SIEM platforms: Elastic, Rapid7, Microsoft Sentinel.
• Proficiency with forensic tools like Magnet Axiom, KAPE, Velociraptor, HAWK, Volatility, Hayabusa, and Chainsaw.

Highly Regarded Certifications:

• GIAC GCFE, GCFA, GCIH
• Magnet Axiom or equivalent tool certification
• SpectreOps – Adversary Tactics: Detection

At Triskele Labs, team culture is fundamental. We foster a forward-thinking environment, regularly seeking feedback to improve our workplace. Benefits include:

• Collaboration with C-Suite executives and industry leaders.
• Influence on the DFIR team’s strategic direction and career development.
• Modern office in Melbourne CBD or fully remote work from any U.S. state.
• Frequent team events organized by our People & Culture Team.