
About the role
<div class="content-intro">
<h3>Company Overview</h3>
<p>Interactive Brokers Group, Inc. (Nasdaq: IBKR) is a global financial services company headquartered in Greenwich, CT, USA, with offices in over 15 countries. We have been at the forefront of financial innovation for over four decades, known for our cutting-edge technology and client commitment.</p>
<p>IBKR affiliates provide global electronic brokerage services around the clock on stocks, options, futures, currencies, bonds, and funds to clients in over 200 countries and territories. We serve individual investors and institutions, including financial advisors, hedge funds and introducing brokers. Our advanced technology, competitive pricing, and global market access help our clients make the most of their investments.</p>
<p>Barron's has recognized Interactive Brokers as the #1 online broker for six consecutive years. Join our dynamic, multi-national team and be a part of a company that simplifies and enhances financial opportunities using state-of-the-art technology.</p>
</div>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Position Overview:</strong></span></p>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">We are seeking an experienced Digital Forensics & IR Analyst to join our Cyber Defense capability, with a primary focus on Digital Forensics and Incident Response (DFIR). This role is responsible for conducting in-depth forensic investigations, evidence preservation, attack reconstruction, and root cause analysis, while supporting the SOC and Incident Response teams during complex and high severity incidents.</span></p>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Key Responsibilities</strong></span></p>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Digital Forensics & Investigations</strong></span></p>
<ul>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Run and execute forensic investigations involving endpoints, servers, network traffic, cloud platforms, and authentication systems</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Perform forensic data acquisition and preservation, ensuring proper chain-of-custody and evidentiary integrity</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Conduct timeline reconstruction, artifact analysis, and attack path analysis to determine scope, impact, and root cause</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Analyze disk, memory, logs, and security telemetry to identify attacker techniques and dwell time</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Support post-incident root cause analysis (RCA) and contribute to long-term remediation recommendations</span></li>
</ul>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Incident Response & SOC Operations</strong></span></p>
<ul>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Support incident response activities for security events including malware, phishing, endpoint compromise, suspicious access, and network-based attacks</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Perform alert triage and investigation using SIEM and EDR platforms, escalating complex cases to senior IR or DFIR personnel</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Execute incident response playbooks during active incidents, following defined investigation and escalation procedures</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Perform deep-dive log analysis across Windows, Linux, network, and cloud environments</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Validate and enrich Indicators of Compromise (IOCs) using internal tools and threat intelligence sources</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Correlate activity across SIEM, EDR, network, and authentication logs to identify scope and impact</li>
</ul>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Documentation & Reporting</strong></span></p>
<ul>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Produce high-quality forensic reports, investigation summaries, and executive-level incident documentation</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Ensure investigations meet internal, regulatory, and audit requirements</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Support legal, compliance, and regulatory teams by providing defensible forensic evidence when required</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Maintain accurate incident and investigation documentation within the incident management system</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Assist in preparing incident reports, forensic summaries, and lessons learned documentation</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Ensure investigations meet internal quality, audit, and compliance expectations</span></li>
</ul>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Learning & Collaboration</strong></span></p>
<ul>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Work closely with SOC analysts, Incident Responders, and senior DFIR engineers</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Continuously build DFIR skills through hands-on investigations and training</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Stay current with attacker techniques, forensic methods, and SOC best practices</span></li>
</ul>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Required Skills & Experience</strong></span></p>
<ul>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">2+ years of hands-on experience in DFIR, Incident Response, and Security Investigations</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Strong experience with host-, memory-, and network-based forensics</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Proficiency with SIEM and EDR platforms for investigation and correlation</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Solid understanding of Windows, Linux, and networking</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Experience handling complex and high severity security incidents</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Strong analytical and documentation skills with attention to evidentiary detail</span></li>
</ul>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Preferred Qualifications</strong></span></p>
<ul>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Hands-on experience with forensic tooling (disk, memory, log, or network analysis tools)</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Forensics tools: EnCase, FTK, X-Ways, Autopsy, Magnet AXIOM, Nuix, Cellebrite, etc.</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Malware analysis tools: IDA Pro, YARA, Volatility, Ghidra, etc.</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Familiarity with legal hold, eDiscovery, and regulatory response workflows</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Relevant certifications: GCFE, GCED, GCIH, GCIA, GNFA</span></li>
</ul>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Key Competencies</strong></span></p>
<ul>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Analytical thinking:</strong> Ability to perform root cause analysis (RCA).</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Communication:</strong> Ability to communicate technical risks to stakeholders.</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Collaboration:</strong> Working with IT teams to improve security posture.</span></li>
</ul>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Technical Environment:</strong></span></p>
<ul>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">SIEM platforms</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">EDR solutions</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Network monitoring tools</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Incident management systems</span></li>
</ul>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Work Requirements:</strong></span></p>
<ul>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Willingness to work outside of standard working hours</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Incident response handling</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Alert triage and escalation</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Documentation and reporting</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Team collaboration</span></li>
</ul>
<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>Growth Path:</strong></span></p>
<ul>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Advanced IR certification support</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Threat hunting training</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Technical skill development</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Senior analyst progression</span></li>
</ul>
<h4><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Company Benefits & Perks:</span></h4>
<ul>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Competitive salary package.</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Performance-based annual bonus (<em>cash and stocks</em>).</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Hybrid working model (<em>3 days office/week</em>).</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Group Medical & Life Insurance.</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Modern offices with free amenities & fully stocked cafeterias.</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Monthly food card & company paid snacks.</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Hardship/shift allowance with company-provided pickup & drop facility.*</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Attractive employee referral bonus.</span></li>
<li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Frequent company sponsored team building events and outings.</span></li>
</ul>
<p>* <em>Depending upon the shifts.</em></p>
<p>**<em>The benefits package is subject to change at the management's discretion.</em></p>