Join LIFARS, Global Leader in Cybersecurity. Career in cyber security.

Join us!

At LIFARS, we provide world class cybersecurity solutions that help. LIFARS is a global leader in Incident Response, Digital Forensics, Ransomware mitigation and Cyber Resiliency Services. LIFARS expertise is called upon by intelligence agencies world-wide including the FBI, Homeland Security, Secret Services, NATO, Europol and Interpol.

Are You Up for the Challenge?

LIFARS operates with military speed and precision containing and remediating incidents swiftly and helping companies become more cyber resilient through our suite of services. Our reputation is paramount, and our talent needs to uphold our brand. We are continuously looking for bright innovative talent that is motivated and willing to learn.

LIFARS is growing and we are looking for top talent in all areas, from cyber forensic research and development to marketing and sales. People who thrive at LIFARS are those who can figure out new ways to get things done to drive results. Your creativity won’t hold you back here. People who are dynamic and flexible with drive and ambition will fit well into our progressive all-star team of professionals.

IoT Device Attacks

Sr. Forensic Examiner and Incident Responder

Whom are we looking for? LIFARS is looking for a Digital Forensic Examiner and Incident Responder to join our global Cybersecurity and Digital Forensics & Incident Response department. We need a highly driven, motivated, creative, reliable, diligent, detail-oriented, and clever individual to join our team. We are in a competitive environment and we need to “hack it” with innovative approaches. The desired candidate should have experience with cybersecurity, hands-on technical experience, theoretical understanding of forensic science, and be able to roll up their sleeves and work independently as needed.

About the role:

The primary responsibility of this role will be to provide software, hardware, and wireless, including mobile forensic examination support to the client based on submitted requirements for functionality and use of tools that have been developed. Leverage technical comprehension of relationships, dependencies, and requirements of hardware and software components, review and interpret forensics artifacts. Interpret submitted documentation, including user and functional requirements, and analyze the development of forensic examination reports according to a template to be provided to the client as a final deliverable.

Responsibilities:

Conduct digital forensic investigations and remediation, including after breach recovery and technical assessments as a part of the team or team leader
Conduct reactive incident response analysis including but not limited to: host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Initial Vector of compromise, and Indicators of Compromise (IOCs).
Forensically examine logs from remote solutions, routers, switches, load balancers, firewalls, web, databases, and other log sources to identify evidence and artifacts of potentially malicious and compromised activity.
Manage cybersecurity and digital forensics engagements for clients- team leader and responsible for lab organization, including policy and physical location for some areas of digital forensics work
Work with PM team on-boarded clients with IR retainers from technical perspective
Conduct incident response on site in US and North America, travel to client location and conduct evidence preservation
On demand as needed to implement internal security, policies and procedures for IT security areas under the direction of CISO
Work on various projects for clients – implementations, integrations, consulting and advisory
Prepare technical and awareness training for internal staff and clients
Independently lead computer incident investigations, determining the cause of the security incident and preserving evidence for potential legal action
Perform detailed forensic analysis on workstations, servers, phones, or any other digital media interface with business function owners, legal, human resources, technical personnel and others
Make recommendations on corrective action for incidents
Produce security incident and investigation reports/briefings
Willing to be called upon as an expert witness at criminal/civil trials
Analyze infrastructure security incidents to determine if incident qualifies as a legitimate security breach
Teach other team members advanced techniques in forensic investigations
Secure evidence and lab equipment management
Examination and reviewing of forensic evidence and cases
Creation/modification of forensic reports based on examination results
Virtual machine and workstation management for Cyber Security and forensic purposes

Requirements/Qualifications:

Deep technical knowledge of Windows and Linux system (workstations and servers)
Deep technical knowledge of forensics analysis of Windows and Linux systems (workstations and servers)
Minimum of 3 years of cyber/digital forensic investigative experience
Minimum of 1 years of incident response experience
Minimum of 3 years of experience in Windows desktop, server OS, Linux
1 professional certification such as: GCFA, CISSP, EnCE, CISA, GCFE, GCIH, CEH required
Technology skills with cyber security/forensic software (AccessData, Encase, etc.)
Microsoft Office (PowerPoint, Excel, Word, Outlook) experience preferred
Although our office is in New York, this position can be held in a remote location within the U.S.

Benefits of working at LIFARS:

You will be joining a cutting-edge team and will be able to influence the architecture, design, and structure of our core platform. You will tackle extraordinary challenges and work with the very BEST in the industry.

Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA  
Generous PTO  
Paid cyber education courses and certifications (SANS, CompTIA, etc.)
Speaking opportunities at industry events and promotions
Participation in Company Unit Allocation Plan (equity)
Paid Company Holidays  
Paid Sick Time  
Gym membership reimbursement  
Company phone
Numerous company-sponsored events and team building.  

LIFARS is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.


To apply send your resume and cover letter: Visit this page...

The Increasing Shortage of Cybersecurity Professionals

Senior Penetration Tester

Whom are we looking for? LIFARS is looking for a Sr. Penetration Tester to join our Offensive Security team. We need a highly driven, motivated, creative, reliable, diligent, detail-oriented, and clever individual to conduct penetration tests across many platforms, including social engineering and wireless testing. This is an exciting opportunity to support and enable organizations worldwide to prepare for and combat cyber-attacks.

*Ideal candidates will be located in either Slovakia or Czech Republic

Responsibilities:

Perform vulnerability scan, assessment and penetration testing on a variety of web and mobile applications, external and internal networks and Active Directory and cloud environments.

Be a part of the Offensive Security team that is working on phishing campaigns, red teaming engagements.

Be aware of new attack vectors and work proactively to mitigate them.

Exploit new vulnerabilities. (editing publicly available exploits)

Collaborate with other penetration testers and offensive security team members.

Assist in educating clients on exploited vulnerabilities and remediation strategies to protect against future exploits or attacks.

Research and learn new concepts, methodologies and tools, investigate new threats.

Creating case studies based on your latest security research.

Requirements:

Approximately 4 years of related work experience in the fields of computer science, information systems, engineering, or a related degree preferred. 

Experience in one or more of the following areas: attack and penetration testing; security testing of web and mobile-based applications; application security source code assessments. 

Strong Unix, NT, networking and wireless security skills and a deep understanding of TCP/IP networking. 

Strong technical skills related to a broad range of operating systems and databases; experience with programming in a mainstream language such as: Java, C, C++, C#, ASP, and .NET., Python, or similar language.

Manual penetration testing experience above and beyond running automated tools is required, understanding of OWASP testing guides and MITRE ATT&CK. 

Experience developing custom scripts or programs (e.g. vulnerability identification) as well as application development is a plus. 

Excellent presentation, and client service with advanced written and verbal communication and presentation skills. 

Able to work collaboratively in a team environment. 

One security- related certification such as the OSCP, GXPN, OSCE, CRTE or other relevant certification desired; non- certified hires are required to become certified within 1 year from the date of hire.

History of published security research assigned CVE vulnerabilities, history of successful bug bounty and CTFs are a plus.


Benefits of working at LIFARS:

 You will be joining a cutting-edge team and will be able to influence the architecture, design, and structure of our core platform. You will tackle extraordinary challenges and work with the very BEST in the industry.  

Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA  

Generous PTO  

Paid cyber education courses and certifications (SANS, CompTIA, etc.)

Participation in Company Unit Allocation Plan (equity)

Paid Company Holidays  

Paid Sick Time  

Gym membership reimbursement  

Company phone   

Numerous company-sponsored events and team building.  


LIFARS is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. 

To apply send your resume and cover letter: Visit this page...

Lifars Secure Code Review Reduce overall development costs

Sr. Malware Analyst

Whom are we looking for? LIFARS is looking for a Senior Malware Analyst to join our global Cybersecurity and Digital Forensics & Incident Response department. We need a highly driven, motivated, creative, reliable, diligent, detail-oriented, and clever individual to join our team. We are in a competitive environment, and we need to “hack it” with innovative approaches. The desired candidate should have experience with cybersecurity, hands-on technical experience, theoretical understanding of forensic science, and be able to roll up their sleeves and work independently as needed.

*Ideal candidate will be located in either Prague, Czech Republic or Bratislava, Slovakia

About the role:

The primary responsibility of this role will be to analyze and evaluate malicious code to create technical reports for indicators of compromise and to recommend mitigation and detection actions. You will work to continually improve current malware analysis techniques and identify new ways to improve malware identification best practices. TTPs, IoCS and understanding of malware persistence is needed to support digital forensics investigation. Conduct research and training on comprehending emerging malicious code threats. The individual in this position will work very closely with technical project managers, incident responders and the LIFAR CISO.

Responsibilities:

Conduct both dynamic and static analysis of suspicious code in order to establish malicious capability and determine potential impact.

Experience with host and network monitoring for analysis of malware execution & propagation methodologies.

Perform analysis on captured data, such as audit, log, network traffic, et cetera, to identify any intrusion-related artifacts.

Understanding of operating system-specific exploitation vectors, memory injections, vulnerabilities in operating systems related to malware execution and persistence.

Analyze malicious code by employing tools, scripting languages, and leveraging virtual machines/environments.

Generate documentation of vulnerabilities and exploits used by malware in written reports.

Communicate written and verbal information in a timely, clear, and concise manner.

Generate technical summary of findings in accordance with established reporting procedures.

Develop and recommend mitigation strategies.

Develop signatures, techniques, and rules to identify malware vectors.

Collaborate with internal and external organizations to discover new threats, develop mitigation techniques, processes, and tools which further the CSSP mission, as directed by the customer.

Evaluate emerging threats.

Correlate data from multiple sources to identify probable threat actors.



Requirements/Qualifications:

Minimum of four years’ experience in technology/tools specific to the target platforms.

Demonstrated experience using Commercial (IDA Pro, Hex-Rays, WinDbg, etc.) and Open Source tools like OllyDbg.

Understanding of behavioral based threat models like Cyber Kill Chain, etc.

Familiarity with Linux OS and mobile iOS/Android forensics.

Demonstrated experience writing code (C, C++, Python, Perl, Java, Powershell, Assembly language, etc.)

Capable and comfortable communicating actionable threat intelligence to both technical and executive-level stakeholders.

Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques.

A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats.

Understanding of software engineering methodologies.

Ability to analyze shellcode, and packed and obfuscated code, and their associated algorithms.

Understanding of common attacker methodologies and exploit techniques.

Capable of Python scripting to automate analysis and reverse engineering tasks.

Strong understanding of network protocols and networking concepts.

Strong understanding of Windows Operating System Internals and Windows APIs.

Strong understanding of the PE file format and experience parsing structured or unstructured data.

Good interpersonal, strong initiative, problem solving, organizational, writing, communications, and briefing skills.


Required Tools:

IDA Pro, Debuggers, disassemblers, virtual machines, hex editors, and un-packers, X-Ways and Open source methods and tools to perform malware forensic investigations.

Physical Requirements:

Use hands to operate a computer and other office productivity machinery, such as calculator, copy machine and computer printer.

The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.

Required Certifications:

Possess at least one relevant professional designation or related advanced IT certification, but not limited to the following:

GIAC Reverse Engineering Malware (GREM)

GIAC Certified Incident Handler (GCIH)

GIAC Network Forensic Analyst (GNFA)

GIAC Intrusion Analyst (GCIA)


Benefits of working at LIFARS:

 You will be joining a cutting-edge team and will be able to influence the architecture, design, and structure of our core platform. You will tackle extraordinary challenges and work with the very BEST in the industry.  

Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA   

Generous PTO   

Paid cyber education courses and certifications (SANS, CompTIA, etc.)  

Speaking opportunities at industry events and promotions 

Participation in Company Unit Allocation Plan (equity) 

Paid Company Holidays   

Paid Sick Time   

Gym membership reimbursement   

Company phone 

Company paid travel to NYC office    

Numerous company-sponsored events and team building.   



LIFARS is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. 



To apply send your resume and cover letter: Visit this page...

Send your resume to: hr@lifars.com

Equal Employment Opportunity