ABOUT GROUP-IB: Founded in 2003 and headquartered in Singapore, Group-IB is a leading creator of cybersecuritytechnologies to investigate, prevent, and fight digital crime. Combating cybercrime is in the company’s DNA, shaping its technological capabilities to defend businesses, and citizens, and support law enforcement operations.
Our mission is simple and unwavering: We fight against cybercrime. We are dedicated to protecting customers around the world by preventing breaches, eliminating fraud, and protecting brands. We do not just solve isolated incidents; we eradicate digital threats and build comprehensive defense systems to make the digital world a safer place for businesses, citizens, and law enforcement agencies alike.
Group-IB’s Digital Crime Resistance Centers (DCRCs) are located in the Middle East, Europe, Central Asia, and Asia-Pacific to help critically analyze and promptly mitigate regional and country-specific threats. These mission-critical units help Group-IB strengthen its contribution to global cybercrime prevention and continually expand its threat-hunting capabilities.
Each of us can help make the world a safer place. Join us!
ABOUT THE ROLE:The Technical Lead will act as the primary technical anchor and initial escalation point during complex cybersecurity incidents. Led by a Regional Head, this role is deeply rooted in 24/7 technical excellence and cross-domain coordination. You will guide the technical direction of the team, provide extensive quality assurance, and drive the skill-up and professional growth of team members. This is a highly specialized, purely technical career path. It explicitly does not include team management, disciplinary leadership functions, or the responsibility to drive the overarching strategic vision of the DFIR teams. You are the ultimate technical authority, not the administrative manager. The DFIR vision: Our ultimate goal is to fight cybercrime by constantly learning and staying one step ahead of the attackers. We do not just solve isolated puzzles; we bring different security experts together to build a complete and strong defense. By handling a large volume of cases, we gain real, practical experience that makes us better every day. Instead of just handing our clients a confusing list of technical data or "homework," we focus on providing clear, actionable answers that explain exactly what happened and what it means for their business. Furthermore, we are constantly researching and looking ahead to ensure we are fully prepared for the future of automated cyber threats
YOUR MISSION:Normal DFIR Duties (24/7 Service) Provide continuous 24/7 service, which includes working on weekends. Conduct onsite engagements to support clients directly in critical situations. Apply hands-on technical expertise in default forensics fields: Windows, Linux, and Memory. Operate under the strategic guidance and leadership of a Regional Head. Specific Technical Lead Duties:Incident Management & Technical Direction:Lead the technical direction during high-stakes cybersecurity incidents. Act as the initial escalation point for the team and the clients. Support the team in resolving challenging, complex, and non-discrete problems. Make sound decisions with incomplete data, constantly balancing analytical depth versus the speed of response. Research & Technological Foresight:Actively engage in academic research and encourage the publication of papers and articles to drive the industry forward. Stay up-to-date with the continuous adaptation of new technologies and modern methodologies. Maintain a deep understanding of emerging tech, such as integrating and properly automating non-deterministic systems like LLMs into the investigative workflow. Provide research advisory to guide the team's investigative and academic efforts. Mentorship & Team Growth:Actively drive the skill-up and professional growth of DFIR team members. Provide research advisory to guide the team's investigative efforts. Offer speaking and presenting advisory to help team members communicate their findings effectively. Leverage your training and education experience to elevate the team's capabilities. Quality Assurance & Technical Depth:Maintain a technical deep-dive expertise in at least one specific forensics-related field. Support Quality Assurance by reviewing technical documents, editing, and conducting review evaluations. Utilize advanced technical writing skills to ensure reports meet the highest standards. Cross-Functional Coordination & Planning:Coordinate seamlessly across different domains and cybersecurity disciplines. Apply process and project management skills to ensure efficient delivery. Support the Regional Head in project planning, specifically in defining project scope descriptions. Utilize strong social skills, specifically expertise in HUMINT (understanding interpersonal dynamics and communication), to foster collaboration.
WHAT SUCCESS LOOKS LIKE:Previous 8 years experience in DFIR roles within cybersecurity organizations Fluent in English; proficiency in an additional language is highly preferred. Strong knowledge of DFIR methodologies, tools, and industry standards. Strong stakeholder management and interdepartmental collaboration skills High-level decision-making skills in dynamic and high-pressure environments. Proficiency in process management including process design and optimization. Experience in intelligence tradecraft across cyber and other domains is highly desirable. A proven track record in academic research is preferred.
OUR WORK ENVIRONMENT & CULTURE:At Group-IB, we believe that employee happiness is fundamental to success. We foster a supportive, inclusive, and dynamic workplace where every team member is empowered to grow. Whether you’re aiming to deepen your expertise, step into leadership, explore new departments, or take your career abroad, we provide diverse opportunities for professional development. Our team is made up of specialists from around the world who bring deep international expertise and thrive on solving complex challenges. You’ll be working with cutting-edge technologies recognized globally by Gartner, IDC, and Forrester, and contributing to projects that span across 60 countries alongside 450+ partners and 500+ clients. We take pride in our multicultural, values-driven culture—where mutual respect, collaboration, and shared goals unite us across borders. And with Group-IB’s continued global growth and financial stability, your career trajectory here can accelerate faster than in most traditional environments.
WHAT DO WE OFFER: Comprehensive Health Coverage Your well-being comes first. We offer health insurance to support you when it matters most. Certifications & Continuous Learning Our team holds over 1,000 globally recognized certifications, including CEH, CISSP, OSCP, and more. Through our incentive program, we cover the cost of professional development—because your growth fuels our innovation. Meaningful Challenges & Growth Paths From soft skills development to advanced technical training, a wide range of internal programs help you expand your skill set—and earn recognition and rewards along the way. Entrepreneurial spirit is encouraged We value initiative. Whether it’s launching a tech blog, organizing events, building communities, or starting a sports team—Group-IB is a place where bold ideas are supported and celebrated.