DFIR Specialist, Japan


  • Full Time
Our story:
Blackpanda Group is Asia’s leading local cyber incident response firm, dedicated to delivering world-class digital emergency response services to businesses in the region.
We help businesses strengthen their cyber resilience and secure their digital operations by supporting them with incident response delivered by local experts and cyber insurance underwritten by our Lloyd’s of London coverholder Pandamatics Underwriting.
Our mission is to make cyber resilience achievable for all, with services and solutions designed for the Asian market.
Our Mission: To democratise cyber resilience.
Our Vision: A world where organisations of all sizes have access to best-in-class cyber incident response and insurance solutions, so they can conduct business securely and sustainably.
What are we looking for: 
The customer-facing role will principally involve conducting Digital Forensics Incident Response (“DFIR”) duties including forensic data collection, root cause analysis, and cyber intrusion investigations, while working closely with the business development team in Japan to provide technical contributions to sales meetings. The job includes working with a team of motivated DFIR Specialists based locally in Tokyo as well as an extended team in Singapore, Hong Kong, and the Philippines capable of handling Asia’s complex cyber intrusion cases. Blackpanda’s best-in-class talent around the region is aligned to become the most specialized and reliable DFIR company in Asia.
The candidate must either possess or build a personal reputation of trust and credibility within the cybersecurity DFIR industry. Being a modest, agile, and fast-moving company, there will be a need for the candidate to be equally nimble and involved in associated tasks that leverage his/her skills to solve challenging cyber breach cases for Blackpanda’s clients.
While this role requires a strong constitution, Blackpanda endeavors to build a sustainable work-life balance for DFIR Specialists by supplementing the business with insurance revenue to ensure a sizable team with rest and training cycles.

Responsibilities and Duties

  • Lead and/or act as the primary or secondary technical expert in cybersecurity DFIR investigations.
  • Identify and validate breached and compromised systems and take action to stop attacks from spreading across the client infrastructures.
  • Conduct forensic investigations to identify and document data, resources, processes, and people compromised via cybersecurity incidents and recommend actions to repair, restore, cleanse, or compensate affected assets, persons, or organizations.
  • Stay current with the latest cybersecurity threat landscape and how developments among threat actors could harm policyholders.
  • For clients/policyholders, actively recommend and execute cybersecurity hygiene and other actions to evade, build immunity, and preempt cyber attacks.
  • Build a personal reputation within Blackpanda and its partners as a highly credible, trusted expert whose advice and counsel should be heeded and acted upon with thoroughness and urgency.
  • Develop the capability to produce (i) a regular cybersecurity threat and incident review; (ii) a periodic threat intelligence digest — that can be understood by non-technical persons and/or legal and compliance managers with minimal editing and up-leveling.
  • Assist clients in preparing contingency plans and checklists designed to expedite diagnosis and effective response to cybersecurity incidents and compromises.
  • Evaluate, advise and make recommendations for the acquisition of IT and cybersecurity products and services.
  • Maintain the ability to respond at short notice to crises during hours of duty, and the responsibility to respond to cybersecurity incidents and emergencies.

Qualifications and Experience

  • At least three (3) years of experience in front line cybersecurity roles.
  • Bachelor’s or Master’s degree in computer science, electronic engineering, or equivalent subject areas with formal coursework or training in cybersecurity, digital forensics, and/or data protection.
  • Current holder of CISSP (Certified Information Systems Security Professional) and/or GIAC (Global Information Assurance Certification, such as GCIH or GCFA) – or equivalent. Additional cybersecurity-related certifications are advantageous.
  • Familiarity with legal and/or compliance requirements related to cybersecurity incident response and reporting.
  • Expert knowledge of tools and techniques used to conduct disk forensics, network forensics, log analysis and malware triage in support of incident response examinations.
  • Recognize the tactics, techniques and procedures (TTPs) of threat actors and be able to develop scripts and create tools for quick identification of threat agents in a compromised network.
  • Ability to quickly develop intimate knowledge of physical computing assets, software, and third party (i.e. “IaaS, PaaS and SaaS”) services deployed and consumed at client premises and their potential points of compromise and failure.
  • Front line experience working with teams and programs in organizations of scale and business focus similar to Blackpanda.
  • Ability to help with scoping prospective engagements, leading a complete incident lifecycle (i.e. Preparation, Detection & Analysis, Containment Eradication & Recovery, Post-Incident Activity) for all levels of Blackpanda’s clients.
  • Ability to communicate highly technical, actionable information and develop reports to audiences ranging from technically astute peers to non-technical business managers, legal counsel and leaders (including C-Suite level persons).
  • Maintains social, ethical, professional and organizational standards and values, always honors commitments.
  • Business fluent written and verbal communication skills in English and Japanese (native speaker)

What We Offer

  • 40 days paid leave per year inclusive of public holidays, which may be taken at the discretion of the employee subject to compliance with our Leave Policy and the approval of their manager.
  • Limited Work From Anywhere policy allotment, allowing for work from alternate locations contingent upon coverage provided by teammates and approved by manager for 10 days per quarter.
  • Monday through Thursday are required to be in-office; no scheduled internal meetings on Fridays, unless absolutely necessary.
  • Participation in Social Health Insurance
  • Opportunities for inter-office travel, including a required annual week-long Tribe Onsite meet-up.
  • $5000 USD/year for professional training budget contingent on approval from manager with 12-month retention requirement
  • Cash: The Salary is JPY 13,000,000 per annum
  • Equity: ESOP baseline award proportional to the annual compensation for a total of 19,350 options with a strike price set at current Fair Market Value, with a 5-year vesting period inclusive of a 1-year cliff.

Candidates who successfully pass the Interview stage will be required to complete a Case Study, used to evaluate their technical knowledge and application of their skills in practical scenarios relevant to the role.

Blackpanda is committed to building a culturally diverse company, and we value a broad set of opinions in our team. As we grow, we are looking to build a team with a range of viewpoints at its core, and we encourage applications from all genders as you identify (X/F/M) and minority candidates.

Blackpanda does not accept unsolicited resumes from recruitment agencies. We will not be responsible for any fees related to unsolicited candidates submitted by recruiters with whom we have not established explicit, written agreements for our job vacancies. By submitting any candidate information, recruiters agree to forfeit any claim to fees should their candidate be hired without an established agreement with Blackpanda.