Job description
Corporate Information Technology (CIT) is the central part of the company's strategy, developing and implementing innovative security solutions to enhance efficiency and competitiveness in the Carl Zeiss Group. By working closely with various business units, CIT ensures that technological advancements and digital transformations are seamlessly integrated into business processes.
- Conduct digital forensic investigations in the context of information security incidents, ensuring thorough and accurate analysis.
- Collect, preserve, and document forensic evidence in accordance with industry standards and legal requirements.
- Reconstruct and analyze security incidents using advanced forensic tools and techniques.
- Support the Cybersecurity Incident Response Team (CSIRT) with expert insights during incident detection, analysis, and remediation.
- Perform proactive threat hunting by analyzing network traffic, log data, and endpoint activities to detect indicators of compromise (IoCs) and hidden threats.
- Create detailed forensic reports and present technical findings clearly to internal stakeholders, including risk and legal teams.
- Work closely with internal IT and security teams to drive improvements in post-incident security measures and architecture.
- Deliver training and awareness sessions on digital forensics best practices, including for SOC Level 2 Analysts and other security stakeholders.
- Continuously assess and enhance forensic methodologies, tools, and workflows to improve investigation quality and efficiency.
As a Digital Forensic Analyst, you will be responsible for investigating and reconstructing information security incidents using advanced forensic tools and methodologies, ensuring compliance with legal and industry standards. You will proactively hunt for threats, support the Cybersecurity Incident Response Team with expert analysis, and collaborate with internal stakeholders to improve the organization's security posture. In addition, you will develop forensic reports, provide training, and continuously optimize forensic processes and technologies.
- Degree in Computer Science, IT Security, or related work experience.
- At least 5 years of experience in digital forensics, information security incident response, or cybersecurity.
- Strong knowledge of relevant best practices, laws, and regulations related to digital forensics and cybersecurity in the EU, such as the NIS2 Directive.
- Hands-on experience in analyzing digital evidence, including Windows and iOS mobile forensics.
- Proficiency in forensic tools such as Exterro FTK Imager, Nextron THOR, Velociraptor by Rapid7, or Magnet Axiom.
- Strong understanding of network protocols, malware analysis, and data recovery, combined with analytical skills, a structured work approach, and problem-solving competence.
- High level of self-motivation and a results-oriented mindset.
