DFIR Expert

Herzliya, Israel /
IR & Threat Intelligence /
Full Time
CYE is looking for a DFIR Expert, who has an extensive  technical background  to join our Digital Forensics and Incident Response team. The ideal candidate will be able to manage incidents, work unusual hours and perform well under pressure. The DFIR Expert  will be working with  a team of industry  leaders to investigate and perform root cause analysis on intrusions. 


    • Manage incident response & proactive engagements
    • Assess and proactively develop information security and incident response programs to help improve companies’ security postures before incidents occur
    • Produce high-quality written and verbal reports, presentations, recommendations, and findings to present to customer management
    • Perform digital forensics and host-based forensics on multiple platforms, including Windows, Linux, macOS, and Cloud
    • Perform network-based analysis, malware analysis and threat intelligence analysis


    • At least 2+ years of DFIR experience
    • Experience conducting or managing incident response investigations for organizations
    • Strong understanding of targeted attacks; able to create customized tactical and strategic remediation plans for compromised organizations
    • Extensive understanding of secure network architecture and  background in performing network operations
    • Perform Digital forensics of Windows-based and Linux-based platforms, as well as network forensic and analysis
    • Experience with investigating and research in cloud environment
    • Experience with research and data analysis of large DBsvia Splunk, Elasticsearch, SQL, or VQL
    • Thorough understanding of threat hunting models, as well as cyber threat intelligence, including TTPs and IoCs extraction and mapping
    • Basic static and dynamic malware analysis
    • Development knowledge in Python or PowerShell scripting languages
    • Ability to travel on short notice
    • Great written and verbal communication skills in English