{"version":"0.1","company":{"name":"YubHub","url":"https://yubhub.co","jobsUrl":"https://yubhub.co/jobs/skill/forensic-analysis"},"x-facet":{"type":"skill","slug":"forensic-analysis","display":"Forensic Analysis","count":2},"x-feed-size-limit":100,"x-feed-sort":"enriched_at desc","x-feed-notice":"This feed contains at most 100 jobs (the most recently enriched). For the full corpus, use the paginated /stats/by-facet endpoint or /search.","x-generator":"yubhub-xml-generator","x-rights":"Free to redistribute with attribution: \"Data by YubHub (https://yubhub.co)\"","x-schema":"Each entry in `jobs` follows https://schema.org/JobPosting. YubHub-native raw fields carry `x-` prefix.","jobs":[{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_de3eafc7-e74"},"title":"Cloudforce One REACT Principal Consultant","description":"<p>About Us</p>\n<p>At Cloudflare, we are on a mission to help build a better Internet. We run one of the world&#39;s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies.</p>\n<p>Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. 
As a result, they see significant improvement in performance and a decrease in spam and other attacks.</p>\n<p>About the Team</p>\n<p>Cloudforce One is Cloudflare&#39;s threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state advanced persistent threats (APTs).</p>\n<p>About the Role</p>\n<p>We are seeking a talented Senior Manager, Incident Response to join us in growing our Cloudforce One organization, where you will be instrumental in building a proactive and threat intelligence-driven approach to protecting Cloudflare and its customers from sophisticated and evolving threat actors.</p>\n<p>Responsibilities</p>\n<p>As a REACT Consultant, you will respond to customer security incidents in on-premises and cloud environments. You will detect and disrupt cyber threat activity across customer networks and cloud environments. You will engage with customers at all levels including Executive, VP, Director, and managerial levels. You will serve an integral role in the discovery and analysis of cyber threat intrusions, working alongside forensic analysts, threat researchers, detection engineers, and malware analysts to detect and mitigate malicious activity.</p>\n<p>The findings you uncover will help identify Tactics, Techniques, and Procedures (TTPs) of ongoing threat activity to protect your customer and the greater Cloudflare customer base.</p>\n<p>Requirements</p>\n<p>Our ideal candidate will have 1-2 years of previous experience in cybersecurity with at least 1+ years in Digital Forensics or Incident Response. Candidates will have experience with hands-on forensic analysis in a Windows, Mac, and Linux environment. Ideally, this candidate will have experience triaging malware using static or dynamic analysis on Windows, macOS, or UNIX-based platforms.</p>\n<p>You will be responsible for correlating threat actor activity across the customer&#39;s environment.
Outstanding candidates will possess excellent verbal and written communication skills. You will also have experience with incident response reports and reliably be able to write simple scripts in Python or Golang.</p>\n<p>Examples of desirable skills, knowledge and experience include:</p>\n<ul>\n<li>Bachelor&#39;s degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent training/practical experience</li>\n<li>3+ years of previous experience in cyber security</li>\n<li>2+ years of Incident Response experience</li>\n<li>1+ years of customer-facing role</li>\n<li>Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists</li>\n<li>Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise</li>\n<li>Network Forensic Analysis: strong knowledge of network protocols, network analysis tools like Bro/Zeek or Suricata, and ability to perform analysis of associated network logs</li>\n<li>Reverse Engineering: ability to understand the capabilities of static and dynamic malware analysis</li>\n<li>Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations</li>\n<li>Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations</li>\n<li>Cloud Incident Response: knowledge in any of the following areas: AWS, Azure, GCP incident response methodologies</li>\n<li>Communications: strong ability to communicate executive and/or detailed level findings to clients; ability to effectively communicate tasks, guidance, and methodology with internal teams</li>\n<li>Strong written and verbal 
communication skills, with the ability to establish and maintain strong working relationships with business groups</li>\n<li>Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS</li>\n<li>Familiarity with various cloud environments (AWS, Azure, O365, Google, Cloudflare)</li>\n<li>Understanding of MITRE ATT&amp;CK and NIST Cyber Security Frameworks standards and requirements</li>\n<li>In-depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systems</li>\n</ul>\n<p>Bonus Points:</p>\n<ul>\n<li>Proficient in Python or Golang, capable of writing modular code that can be installed on a remote system</li>\n<li>Proficient with Yara and writing rules to detect similar malware samples</li>\n<li>Understanding of source code, hex, binary, regular expression, data correlation, and analysis such as network flow and system logs</li>\n<li>Practical malware analysis experience with static, dynamic, and automated malware analysis techniques</li>\n<li>Possess mid-level experience as a Malware Analyst able to reverse engineer various file formats and analyze complex malware samples</li>\n<li>Reverse engineering experience with APT malware with an understanding of common infection vectors</li>\n<li>Knowledgeable of current malware techniques to evade detection and obstruct analysis</li>\n<li>Experience writing malware reports on unique and interesting aspects of malware</li>\n<li>Experience with malware attribution</li>\n<li>Experience with tracking and identifying threats through Indicator of Compromise (IOCs) pivoting and infrastructure enumeration</li>\n<li>Familiarity with bash command line executables to conduct static analysis and investigate IOCs</li>\n</ul>\n<p>Travel requirements</p>\n<p>Ability to travel up to 20% of the time</p>\n<p>Position may require foreign and domestic travel, passport will be required</p>\n<p 
style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_de3eafc7-e74","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Cloudflare","sameAs":"https://www.cloudflare.com/","logo":"https://logos.yubhub.co/cloudflare.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/cloudflare/jobs/7389902","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Digital Forensics","Incident Response","Cybersecurity","Network Forensic Analysis","Reverse Engineering","Malware Analysis","Cloud Incident Response","Communication","Network Protocols","Cloud Environments","MITRE ATT&CK","NIST Cyber Security Frameworks","Windows Operating Systems","Unix","Linux","Mac Operating Systems"],"x-skills-preferred":["Python","Golang","Yara","Source Code","Hex","Binary","Regular Expression","Data Correlation","Network Flow","System Logs","Static Analysis","Dynamic Analysis","Automated Malware Analysis","Malware Attribution","Indicator of Compromise","Infrastructure Enumeration","Bash Command Line Executables"],"datePosted":"2026-04-18T15:52:02.967Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Hybrid"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Digital Forensics, Incident Response, Cybersecurity, Network Forensic Analysis, Reverse Engineering, Malware Analysis, Cloud Incident Response, Communication, Network Protocols, Cloud Environments, MITRE ATT&CK, NIST Cyber Security Frameworks, Windows Operating Systems, Unix, Linux, Mac Operating Systems, Python, Golang, Yara, Source Code, Hex, Binary, Regular Expression, Data Correlation, Network Flow, System Logs, Static Analysis, Dynamic Analysis, Automated Malware Analysis, Malware Attribution, Indicator of Compromise, Infrastructure Enumeration, Bash 
Command Line Executables"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_15b631cd-e96"},"title":"Director - Vehicle and Connected Services Monitoring","description":"<p><strong>Director - Vehicle and Connected Services Monitoring</strong></p>\n<p>This leadership role within the Vehicle and Connected Cybersecurity organization is responsible for leading the &quot;eyes and ears&quot; of the company. You will lead a global team of experts tasked with monitoring trillions of signals from vehicle telematics, embedded systems, and cloud-native application stacks, ensuring that millions of connected vehicles and the cloud services that power them are continuously protected against sophisticated global threats.</p>\n<p>Your mandate covers the entire lifecycle of a threat—from proactive intelligence gathering and managing global bug bounty programs to real-time detection engineering and high-stakes incident response. As a key leader in the Ford+ transformation, you will bridge the gap between Product Development, Model e, Ford Pro, and Enterprise IT to ensure a unified, world-class defense posture.</p>\n<p><strong>Responsibilities</strong></p>\n<p><strong>Global Vehicle &amp; Application Monitoring (VSOC/ASOC Operations):</strong></p>\n<p>Directing 24/7 monitoring for Ford’s global connected fleet and digital services, ensuring operational excellence with high-fidelity visibility across geographies, and overseeing the analysis of vast signals from vehicle telematics, embedded systems, and cloud-native applications.</p>\n<p><strong>Analysis &amp; Incident Response (CIRT Partnership):</strong></p>\n<p>Serving as the primary executive lead for security incidents involving vehicles or connected services, partnering with the corporate Incident Response Team (CIRT), directing forensic analysis on vehicle-specific protocols (CAN, Automotive Ethernet) and cloud/mobile application stacks, and developing 
rapid-response playbooks including Over-the-Air (OTA) security mitigations.</p>\n<p><strong>Monitoring Development &amp; Detection Engineering:</strong></p>\n<p>Leading teams to build advanced detection logic, behavioral heuristics, and Machine Learning (ML) models for automotive attack patterns, driving the implementation of Security Orchestration, Automation, and Response (SOAR) platforms, and integrating data science for anomaly detection.</p>\n<p><strong>Product Threat Intelligence:</strong></p>\n<p>Building and leading a dedicated capability to track threat actors targeting the automotive sector, EV charging infrastructure, and fleet management tools, translating intelligence into proactive defense strategies, and representing Ford in industry forums like Auto-ISAC.</p>\n<p><strong>Threat Hunting &amp; Bug Bounty Program:</strong></p>\n<p>Leading a specialized hunt team to identify hidden threats and vulnerabilities, overseeing Ford’s Coordinated Vulnerability Disclosure (CVD) and Bug Bounty programs, and aligning insights with internal red-teaming and secure-coding priorities.</p>\n<p><strong>Executive Leadership &amp; Qualifications:</strong></p>\n<p>Defining and executing a global monitoring roadmap aligned with Ford’s software-centric transition, acting as the primary authority for operational cyber risks, leading and mentoring a global organization, and influencing cross-functional partners</p>\n<p><strong>Qualifications</strong></p>\n<ul>\n<li><strong>Education:</strong> Bachelor’s degree in Computer Science, Cybersecurity, or Engineering (Master’s or PhD highly preferred).</li>\n<li><strong>Experience:</strong> 15+ years in Cybersecurity, with at least 7 years in a senior leadership role overseeing large-scale SOC or Incident Response organizations.</li>\n<li><strong>Technical Depth:</strong> Deep understanding of SOC operations, threat intelligence frameworks (MITRE ATT&amp;CK), and automotive-specific security challenges.</li>\n<li><strong>Executive 
Presence:</strong> Proven ability to manage high-pressure security incidents and communicate complex technical risks to non-technical stakeholders.</li>\n</ul>\n<p><strong>Benefits</strong></p>\n<p>You may not check every box, or your experience may look a little different from what we&#39;ve outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!</p>\n<p>As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder…or all of the above? No matter what you choose, we offer a work life that works for you, including:</p>\n<ul>\n<li>Immediate medical, dental, vision and prescription drug coverage</li>\n</ul>\n<ul>\n<li>Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more</li>\n</ul>\n<ul>\n<li>Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more</li>\n</ul>\n<ul>\n<li>Vehicle discount program for employees and family members and management leases</li>\n</ul>\n<ul>\n<li>Tuition assistance</li>\n</ul>\n<ul>\n<li>Established and active employee resource groups</li>\n</ul>\n<ul>\n<li>Paid time off for individual and team community service</li>\n</ul>\n<ul>\n<li>A generous schedule of paid holidays, including the week between Christmas and New Year’s Day</li>\n</ul>\n<ul>\n<li>Paid time off and the option to purchase additional vacation time.</li>\n</ul>\n<p><strong>Salary</strong></p>\n<p>This position is leadership level 5 and ranges from $138,240-261,720.</p>\n<p>Final determination of salary grade will be based on candidate&#39;s skills and experience, and base salary will be set within the applicable range according to job scope, 
responsibility and competitive market value.</p>\n<p>For more information on salary and benefits, click here: https://fordcareers.co/LL5</p>\n<p><strong>Visa Sponsorship</strong></p>\n<p>Visa sponsorship is not available for this position.</p>\n<p><strong>Equal Opportunity Employer</strong></p>\n<p>Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.</p>\n<p>We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call 1-888-336-0660.</p>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_15b631cd-e96","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Ford Motor Company","sameAs":"https://efds.fa.em5.oraclecloud.com"},"x-apply-url":"https://efds.fa.em5.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1/job/59812","x-work-arrangement":"remote","x-experience-level":"executive","x-job-type":"full-time","x-salary-range":"$138,240-261,720","x-skills-required":["Cybersecurity","SOC operations","Threat intelligence frameworks","Automotive-specific security challenges","Machine Learning","Security Orchestration, Automation, and Response","Data science","Anomaly detection","Forensic analysis","Incident response","Bug bounty programs","Coordinated Vulnerability Disclosure","Red-teaming","Secure-coding"],"x-skills-preferred":[],"datePosted":"2026-03-09T11:04:41.073Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"United 
States"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Automotive","skills":"Cybersecurity, SOC operations, Threat intelligence frameworks, Automotive-specific security challenges, Machine Learning, Security Orchestration, Automation, and Response, Data science, Anomaly detection, Forensic analysis, Incident response, Bug bounty programs, Coordinated Vulnerability Disclosure, Red-teaming, Secure-coding","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":138240,"maxValue":261720,"unitText":"YEAR"}}}]}