// CAREERS · JOB OPENING

Senior Cyber Forensic & APT Specialist.

As a senior specialist, you are our expert for the most demanding cases. Your focus is on identifying and analyzing covertly operating attackers and complex, custom-built malware. You don’t just understand that a system was compromised; you reconstruct the entire campaign. You move confidently through the deepest layers of operating systems, protocols and enterprise infrastructures to expose persistent, highly developed attack patterns that standard security tools do not detect.

// 01 — RESPONSIBILITIES

Your core responsibilities

  1. Advanced incident investigation

    Leading and conducting deep forensic analyses of highly professional intrusions in enterprise and hybrid-cloud environments.

  2. Behavioral & TTP analysis

    Detecting and reconstructing advanced attack patterns beyond known file hashes. You analyze attacker behavior against the MITRE ATT&CK framework (e.g. living-off-the-land techniques, credential dumping, Kerberoasting).

  3. Deep memory & evasion forensics

    Detecting fileless malware, code injection, API hooking and process hollowing directly in volatile memory (RAM analysis), as well as identifying anti-forensics methods.

  4. Malware & protocol reverse engineering

    Technical analysis (static & dynamic) of proprietary or modified malware, decrypting custom C2 communication protocols and identifying obfuscation techniques.

  5. Cross-infrastructure tracking

    You use your broad knowledge of Active Directory / Entra ID, complex routing architectures and cloud tenants to trace attackers’ lateral movement and exfiltration paths without gaps.

  6. Strategic threat hunting

    Proactively developing complex hunting hypotheses and rule sets (e.g. YARA, Sigma) to uncover dormant persistence in large environments.

// 02 — PROFILE

Your profile (Senior Level)

  1. Senior DFIR expertise

    Many years of demonstrable experience in the forensic investigation of severe security incidents. Confident use of the full spectrum of triage and artifact-analysis tools.

  2. Deep OS & kernel understanding

    Solid knowledge of Windows/Linux internals (subsystems, registry, event-logging mechanisms, RPC, WMI, PAM) to isolate anomalies at system level immediately.

  3. Malware & code-analysis competence

    Solid skills with disassemblers and debuggers, and the ability to unmask shellcode, encrypted payloads and complex scripts (PowerShell, .NET, Go, Python).

  4. Infrastructure generalist

    A broad, well-founded understanding of modern IT architectures (hybrid networks, identity services, virtualization and containerization). You understand how networks are built in order to anticipate attacker paths logically.

  5. Automation mindset

    You use DevOps approaches (e.g. Terraform, SaltStack) to provision your own analysis and reverse-engineering infrastructure quickly and in isolation when it matters, but you see this as a tool for your forensic work.

  6. Analytical brilliance

    Excellent ability to combine highly complex, fragmented chains of evidence into a clear situational picture and document it comprehensibly for management and authorities.

  7. Management & leadership

    Communication and leadership competence towards team members as well as third parties on the partner side.

APPLY NOW

Sound like you?

Send us your application via our secure contact channel — confidential and straightforward.