Digital Forensics and Incident Response Specialist

31 - CIOC · Toronto, Ontario
Department 31 - CIOC
Employment Type Full-Time
Minimum Experience Experienced

About Us 

At ISA Cybersecurity, our mission is to help clients achieve their privacy and security goals, and to be proactive in the fight against security threats. ISA is Canada’s leading cybersecurity-focused company, with nearly three decades of experience delivering cybersecurity services and people you can trust. We provide our clients with comprehensive counsel on complex, evolving, and multi-faceted issues related to cybersecurity and breach incident response.

ISA also offers a world-class 24/7 by 365 SOC 2 Type II certified CIOC (cybersecurity intelligence operations centre), giving our clients deeper insights and earlier warnings about coordinated cyber attacks. ISA strategically partners with many of the most respected security technology firms in the world. Through these relationships, our clients can gain access to a broad portfolio of industry-leading cyber solutions best suited to protect their corporate assets and customer data.

In today’s volatile world of digital threats, we help Canadian companies to better understand their current security posture and how to mitigate risks.

Why Join Us? 

At ISA, every employee makes a P.A.C.T. to embody our corporate core values, everyday. Our core values (Passion for Excellence, Accountability, Commitment, Trust) shape the community and culture we have built and are an active part of everything that we do. We also believe that what will make you great is your individual contributions to your team; think of your team as a start-up that learn from each other. If you’re looking for autonomy and no old-fashioned hierarchy, ISA and you could be a match made in heaven. 

About the Role

Do you have a passion in investigating computer crimes, malware, data breaches and helping companies out of a crisis? As a DFIR Specialist, you will be a team player on fast-moving team focused on rapidly innovating the state of cyber security, incident response and malware analysis. You will be a “go to” person for our customers to better understand their incident response processes leading to better response decisions. You will work with customers and our ISA team to build trusting relationships founded on expertise and passion for helping our customers identify threat actors within their environment.   

You possess strong understanding of existing and emerging threat actors, and are able to identify the tools, tactics and procedures of attackers. You have strong consulting skills, current technical skills in forensics and are adept in working emergency situations under tight deadlines.

Do you have what it takes to join our team? You will be joining a rapidly growing company with great employee perks. You will be given the opportunity for continuous development in the areas of network vulnerability evaluations and assessments, digital forensics, threat intelligence analysis, malware identification and analysis. You will also be joining a collaborative team where your contributions will make an impact and your voice will be valued.


  • Collaborate with the team for Incident Response customers; this includes onsite and offsite incident response activities to include triage and analysis within corporate IT environments
  • Collaborate with the team for hunts within IT environments; including initial planning phases, execution and reporting phase
  • Serve as investigator/analyst in incident investigations, hunts and day-to-day operations in IT environments
  • Generate playbooks and other content for customers
  • Assist in other service engagements such as tabletop exercises, assessments, training, etc


  • 1-3 years hands-on incident response experience
  • Skilled in intrusion analysis, incident response and forensics
  • Ability to analyze and interact with network protocols
  • Ability to run an investigation from start to finish including pivoting between data types and correlating events together
  • Desire to learn of network and host forensics, malware reverse engineering, latest incident response techniques. Prior experience is a big plus
  • Demonstration of ability to proactively hunt and identify malicious activity
  • Knowledge of Windows, Linux and a variety of networking hardware and various security toolsets
  • Ability to script with Python, bash, etc
  • Excellent social, verbal and written communication skills; ability work effectively with customers
  • Ability to share on-call responsibilities including non-standard hours, unplanned remote and onsite response efforts
  • Ability to travel up to 30% of the time (post-pandemic)

Education & Certifications:

  • Degree in IT Security, Engineering and Technology related fields or equivalent work experience
  • Proven certifications in cyber security related disciplines (e.g. SANS) GCIH, GCFA, GCFA, GNFA, GREM or (e.g. EC-Council) CHFI, ECIH
  • Other certifications that are a big plus: (e.g. Magnet) MCFE, (e.g. AccessData) ACE, (e.g. Encase) EnCE, (e.g. IACIS) CFCE

Thank You

Your application was submitted successfully.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

  • Location
    Toronto, Ontario
  • Department
    31 - CIOC
  • Employment Type
  • Minimum Experience