×
Bewerbung Bewerbung Stellen posten Stellen posten Startseite
Hier anmelden um sich kostenlos auf Stellen zu bewerben oder Stellenanzeigen aufzugeben. X
Mehr Jobs:
Cyber-Sicherheit Datensicherheit Informations-Sicherheit

Senior Incident Response & Digital Forensics Consultant

in 80331, München, Bayern, Deutschland
Unternehmen: NVISO
Vollzeit position
Verfasst am 2026-01-03
Berufliche Spezialisierung:
  • IT/Informationstechnik
    Cyber-Sicherheit, Datensicherheit, Informations-Sicherheit
Gehalts-/Lohnspanne oder Branchenbenchmark: 100000 - 125000 EUR pro Jahr EUR 100000.00 125000.00 YEAR
Stellenbeschreibung
Stellenbezeichnung: Senior Incident Response & Digital Forensics Consultant (m / w / d)

Who are we?

It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents.

All of this is built on four fundamental values that define who we are:
We are Proud, We Break Barriers, We Care and No BS!

Tasks

As our Senior Incident Response
Consultant (m/w/d), you will support the NVISO incident response team (CSIRT) in responding to a wide range of cyber incidents. In addition to incident response and forensic engagements, you will work closely with the rest of the team to build & automate incident response processes, analytical capabilities, including threat hunting. You act as Incident Lead by setting investigative questions, delegating technical analysis tasks, and steer containment and eradication strategies.

You produce high-quality forensic and executive reports to present findings to technical stakeholders and executives. You occasionally peer-review case notes, artifacts, and draft reports.

Your responsibilities

  • Perform host forensics (Magnet AXIOM Cyber, X-Ways, Autopsy),
    network forensics (Wireshark, tshark),
    memory forensics (Volatility, MemProcFS), and log analysis
    , including cloud telemetry (Microsoft 365/Azure, AWS, Google Cloud/Workspace), in support of cyber incident investigations.
  • Lead single-system forensic analysis and contribute meaningfully to complex intrusions, including those with lateral movement, perform timeline analysis of compromised hosts and conduct live response artifact capture, volatile data collection, containment to support eradication and recovery efforts.
  • Perform basic malware triage of executables and malicious scripts (static and behavioral) to inform containment and eradication strategies.
  • Lead customer calls during incidents and contribute to cyber crisis management, and deliver status reports, planning for containment, eradication and recovery efforts, and input to executive-ready communications.
  • Support improvement projects related to automation in digital forensics and further develop NVISO tools and incident response processes.
  • Perform threat hunting engagements within customer environments, including technical planning, requirements definition, execution, and reporting.
  • Assist in other engagements such as tabletop exercises, incident and forensic readiness assessments, and threat-intelligence-related briefings.
Requirements
  • 4+ years of hands-on experience, including acting as an incident response case lead.
  • Strong knowledge of cyber intrusion analysis, incident response, digital forensics on Windows/MacOS/Unix, with demonstrated expertise in memory forensics (Volatility, MemProcFS), timeline analysis (e.g., MFTECmd, KAPE, Plaso/Time sketch), and disk forensics (Magnet AXIOM Cyber, X-Ways, Autopsy).
  • Proficiency with live response tooling (e.g., Velociraptor, GRR Rapid Response, EDR live response) and coordinating remediation actions.
  • Up-to-date on the latest cybersecurity threats and attacker TTPs.
  • Excellent analytical and problem-solving skills with an eye for detail in documentation.
  • Effective communication and interpersonal skills to work collaboratively with clients and cross-functional teams.
  • Ability to remain calm during crisis situations and prioritize effectively under pressure.
  • Language:
    German and English at C1+ proficiency for client-facing work across DACH.
  • You are eligible for a NATO clearance. (see HERE for more information)

Your availability

  • We have an On-call rotation, typically one week per month.

Travel

  • Some limited travel within DE/AT/CH (~10–20%) for onsite response, workshops, and stakeholder meetings.
Benefits

At NVISO, we care. We are committed to offering you a highly competitive remuneration package including financial and non-financial components:

  • Working and learning from the best people in the European cyber security industry. We have multiple SANS Instructors working at NVISO, our staff has presented at popular hacking conferences (Black Hat, BruCON, OWASP, etc) and all of our technical staff can acquire deep technical…
Stellen-Anforderungen
10+ Jahre Berufserfahrung
Bitte beachten Sie, dass derzeit keine Bewerbungen aus Ihrem Zuständigkeitsbereich für diese Stelle über diese Jobseite akzeptiert werden. Die Präferenzen der Kandidaten liegen im Ermessen des Arbeitgebers oder des Personalvermittlers und werden ausschließlich von diesen bestimmt.
Um nach Stellen zu suchen, sie anzusehen und sich zu bewerben, die Bewerbungen aus Ihrem Standort oder Land akzeptieren, klicken Sie hier, um eine Suche zu starten:
 
 
 
Suchen Sie hier nach weiteren Stellen:
(nach Beruf, Fähigkeit)
Standort
Increase search radius (miles)

Sprache der Stellenausschreibung
Lebenslauf-Kategorie
Bildungsgrad
Filter
Mindest-Bildungsgrad für die Stelle
Mindest-Berufserfahrung für die Stelle
Veröffentlicht in den letzten:
Gehalt
Fortgeschritten