Careers at Group-IB

View open rolesInternships

About Group-IB

550+

employees

60+

countries where Group-IB products are used

18 years

of hands-on experience

20 000+

blocked phishing sites

70%

technical specialists

1 200+

high-profile investigations worldwide

Group-IB is the next generation of engineers and cybersecurity professionals who put forward bold and innovative ideas that help identify cyberattacks before they even begin.

We make the future safer by fighting international crime and creating products and services that protect people, businesses, and governments across the globe. Our solutions are based on exhaustive threat hunting operations and on monitoring the tactics, tools, and infrastructure used by attackers.

Ready to help make the world a safer place? Join Group-IB today.

Send us your CV to job@group-ib.com and specify the desired vacancy in the subject line.

Why Group-IB?

  • Our global HQ is in Singapore.
  • We are building a global threat hunting infrastructure and gaining visibility of local threat landscapes by opening offices in all major regions worldwide.
  • At Group-IB you can innovate and develop your own products and services while boosting your hard and soft skills.
  • You can gain experience in different teams and roles. Group-IB doesn’t limit your opportunities for involvement.
  • We can either help you choose a career path in cybersecurity or create a new profession for you and support your move to any of our international offices.

What we offer

Professional development

You can relocate to one of our international offices, try your hand in another department, or bring a new business idea to life.

You can relocate to one of our international offices, try your hand in another department, or bring a new business idea to life.

Training courses
and certificates

You will have the opportunity to complete professional training courses and certifications at the company’s expense.

You will have the opportunity to complete professional training courses and certifications at the company’s expense.

Healthcare

You will receive health insurance, including dental care.

You will receive health insurance, including dental care.

Personal growth

We organize a wide range of programs designed to improve your soft skills, teach new skills, and develop other areas of growth.

We organize a wide range of programs designed to improve your soft skills, teach new skills, and develop other areas of growth.

Incentives for initiatives

We encourage our team to contribute to technical blogs, write articles, create sports teams, and other activities in exchange for rewards.

We encourage our team to contribute to technical blogs, write articles, create sports teams, and other activities in exchange for rewards.
SingaporeAmsterdamRiyadhOther locationsMoscowInnopolisAll

Technical writer

About the role:

Group-IB Threat Hunting Framework (THF) is a comprehensive system for detecting sophisticated targeted attacks and proactive threat hunting. THF protects against all attack vectors — email, traffic, workstations — thanks to in-depth network traffic analysis technologies, behavioral analysis of files and links in isolated virtual environments, and malware detonation. THF detects zero-day threats, exploits, backdoors, malicious scripts, covert data transfer channels, and fileless threats. Thanks to this solution, hundreds of large companies all over the world are protected against sophisticated targeted attacks.

Tasks to solve:

  • Writing new and updating current operational documentation for hardware and software systems and their components.
  • Developing technical documentation for hardware and software systems in Russian.
  • Keeping documentation up to date.
  • Interacting with developers, engineers, and testers as part of documentation development tasks.
  • Taking part in product certification processes in accordance with the requirements of the Federal Service for Technical and Export Control (FSTEC) of Russia.

Apply for this vacancy if you have the following qualifications:

  • You are familiar with generally accepted documentation standards.
  • You have a higher education qualification.
  • You have experience working with technical writers in the IT field and interacting with developers and users.
  • You are familiar with FSTEC regulations for the certification of information protection tools and IT objects in accordance with information security requirements.
  • You have experience writing technical documents and making changes through notifications.
  • You have confident knowledge of the use of series 19 and 34 GOSTs (Russian State Standards) and the Russian Single Program Documentation System (SPDS) in documentation creation.
  • You have a good command of Russian.
  • You are able to clearly present technical information in text form and structure information.

What else we appreciate in our team:

For us, it’s important to speak the same language: openness and trust in a team helps us move forward. It would be great if:

  • You have qualities such as responsibility, precision, initiative, and attention to detail.
  • You speak English.
Send your CV to: job@group-ib.comShare vacancy
Copied

Python Programmer

About the role:

Group-IB Threat Hunting Framework (THF) is a comprehensive system for detecting sophisticated targeted attacks and proactive threat hunting. THF protects against all attack vectors — email, traffic, workstations — thanks to in-depth network traffic analysis technologies, behavioral analysis of files and links in isolated virtual environments, and malware detonation. THF detects zero-day threats, exploits, backdoors, malicious scripts, covert data transfer channels, and fileless threats. Thanks to this solution, hundreds of large companies all over the world are protected against sophisticated targeted attacks.

Part of the THF complex is Polygon — a system for dynamic analysis and classifying files by their behavior in the system and changes that occur after opening/execution of the object of analysis. Technically, the product is similar to a sandbox, but it has some important semantic differences, for example, in addition to the correct verdict, we really need the malicious file to work in the analytical environment as completely as possible and we pay a lot of attention to this completeness.

Many analytical questions arise during the development of the product that need to be researched. These relate to the search for new ways to implement new functionality; analysis of malicious files and their behavior; and detection methods.

We’re looking for Python developers who are able to answer researchers’ questions and who want to take part in the development of a complex and high-tech information security product.

Tasks to solve:

  • Performing low-level processing of binary files.
  • Creating APIs for existing projects.
  • Working with DBMS and building databases as part of the project.
  • Interacting with other project teams.

Apply for this vacancy if you have the following qualifications:

  • You have experience programming in Python and understand the concepts of the language and the Python way.
  • You have experience working with Flask.
  • You understand data structures, classic algorithms, and design patterns.
  • You have experience with Linux and understand the principles of the OS, including its low-level functions.
  • You understand the TCP/IP stack, networking technologies, and basic network protocols.
  • You understand the principles of the development of high-load systems.
  • You are able to understand other people's code and make justified software and architecture decisions.
  • You have a broad technical outlook.
  • Among your strengths, high productivity, involvement, and a focus on results stand out.

What else we appreciate in our team:

For us, it’s important to speak the same language: openness and trust in a team helps us move forward. It would be great if:

  • You have an interest in the field of information security.
  • You have worked with relational DBMSs.
  • You have a degree or qualification from a technical higher education institute or are in the senior years of study at a higher education institute.
Send your CV to: job@group-ib.comShare vacancy
Copied

Golang developer

Tasks to solve:

  • Participating in product development: developing analytical solutions, creating architecture solutions, coding, developing autotests (unit tests and functional testing).
  • Developing client-server apps.
  • Setting up CI/CD for new services.
  • Performing data analysis.
  • Key solution documentation.

Apply for this vacancy if you have the following qualifications:

  • You have experience of Golang or Python development.
  • You have experience working with RDBMS and NoSQL.
  • You have experience working with Git.
  • You have experience working with asynchronous/multi-point solutions.
  • You have knowledge of OOP, the basic design patterns, and when it is appropriate to use them.
  • You have a broad technical outlook and a desire to learn new things.
  • You have at least two years of commercial work experience.
  • You have qualities such as activeness and responsibility.

What else we appreciate in our team:

For us, it’s important to speak the same language: openness and trust in a team helps us move forward. It would be great if:

  • You have experience working with gRPC.
  • You have experience designing REST APIs.
  • You have experience working with Docker and message brokers (RabbitMQ/ActiveMQ/ZeroMQ/NATS or others).
  • You have experience writing tests.
Send your CV to: job@group-ib.comShare vacancy
Copied

Frontend Angular Developer

About the role:

The Group-IB team works on large and complex, but interesting projects in Angular 9 and using gRPC and web sockets (socket.io).

Tasks to solve:

  • Writing understandable, maintainable code.
  • Maintaining technical documentation on the functionality developed.
  • Writing unit tests.
  • Performing code reviews.

Apply for this vacancy if you have the following qualifications:

  • You understand the principles of the Rust language and infrastructure.
  • You understand the basics of email and network protocols.
  • You are able to work with synchronous and asynchronous code.
  • You possess skills in searching for information in documents and on the Internet, including in English.

What else we appreciate in our team:

For us, it’s important to speak the same language: openness and trust in a team helps us move forward. It would be great if:

  • Write understandable, maintainable code.
  • Maintain technical documentation on the functionality developed.
  • Write unit tests.
  • Perform code reviews.
Send your CV to: job@group-ib.comShare vacancy
Copied

Rust developer

About the role:

Group-IB Threat Hunting Framework (THF) is a comprehensive system for detecting sophisticated targeted attacks and proactive threat hunting. THF protects against all attack vectors — email, traffic, workstations — thanks to in-depth network traffic analysis technologies, behavioral analysis of files and links in isolated virtual environments, and malware detonation. THF detects zero-day threats, exploits, backdoors, malicious scripts, covert data transfer channels, and fileless threats. Thanks to this solution, hundreds of large companies all over the world are protected against sophisticated targeted attacks.

THF Atmosphere is a distributed stream processing and analysis system for detecting whether email traffic is malicious. When integrated with other elements of the THF ecosystem, it enables comprehensive email protection by notifying the recipient and blocking or modifying malicious messages.

Tasks to solve:

  • Developing modules for parsing and investigating email structure.
  • Developing and improving modules for integration with THF infrastructure.
  • Creating (often from scratch) modules for developing network protocols and standards.

Apply for this vacancy if you have the following qualifications:

  • You understand the principles of the Rust language and infrastructure.
  • You understand the basics of email and network protocols.
  • You are able to work with synchronous and asynchronous code.
  • You possess skills in searching for information in documents and on the Internet, including in English.

What else we appreciate in our team:

For us, it’s important to speak the same language: openness and trust in a team helps us move forward. It would be great if:

  • You have basic Python skills.
  • You have experience with SQL or NoSQL repositories (PostgreSQL, MongoDB, Redis).
  • You have experience with distributed systems.
  • You have an interest in the field of information security.
Send your CV to: job@group-ib.comShare vacancy
Copied

Threat Intelligence & Attribution Frontend React Developer

About the role:

Group-IB Threat Intelligence & Attribution is a system for investigation and attribution of cyberattacks, proactive threat hunting, and protection of network infrastructure based on data about criminals’ tactics, tools, and activity. Information comes from unique sources, 90% of which are closed: from gathering technical data from our own infrastructure to agents embedded in underground communities. Machine learning tools, automated data correlation systems, and network graphing with visualization of relationships are used.

Tasks to solve:

  • Developing the frontend part of the product (SPA) in Typescript.
  • Designing and implementing APIs.
  • Creating layouts based on Figma mock-ups.
  • Developing the corporate library of UI components.
  • Performing automatic deployment of Kubernetes, CI/CD.
  • Using GitLab + Jira.

Apply for this vacancy if you have the following qualifications:

  • You are confident using pure JavaScript (native).
  • You have good knowledge of the ReactJS + MobX stack, WebPack build, and Typescript.
  • You speak English (technical).

What else we appreciate in our team:

For us, it’s important to speak the same language: openness and trust in a team helps us move forward. It would be great if:

  • You know backend languages (Python/PHP would be an advantage).
  • You have a broad technical outlook.
Send your CV to: job@group-ib.comShare vacancy
Copied

Fraud Hunting Platform Frontend Reach Developer

About the role:

Group-IB Fraud Hunting Platform is a real-time online fraud prevention system.

Using proprietary developments based on machine learning and AI technologies, Fraud Hunting Platform is able to distinguish between the actions of a fraudster and a real user, as well as block malicious bots.

The system protects more than 120 million clients, including the largest companies in Russia and the CIS countries, Europe, Asia, Africa, and the Middle East. In 2019, the Fraud Hunting Platform was listed as one of the most high-tech fraud detection solutions by leading international analytics agency Gartner.

We will share more details about this solution at the interview.

Tasks to solve:

  • Developing and supporting SPA app interfaces.
  • Improving app stability.
  • Developing the corporate library of UI components.
  • Designing the architecture of the frontend application.
  • Evaluating the complexity of development, scheduling tasks, and managing them in Jira + GitLab.
  • Developing infrastructure solutions.

Apply for this vacancy if you have the following qualifications:

  • You have confident knowledge of JavaScript (ES5, ES6 standards) and its features, and HTML5 and CSS3.
  • You have confident knowledge of the Typescript - React - MobX stack.
  • You understand the BEM methodology.
  • You have confident knowledge of the Webpack models.
  • You are able to work with the Git version control system.
  • You understand the features of SPA apps.
  • You speak English (level B1 and higher).

What else we appreciate in our team:

For us, it’s important to speak the same language: openness and trust in a team helps us move forward. It would be great if you have:

  • Knowledge of Jest + Enzyme to write tests.
  • Development experience in Node.js.
  • Knowledge of programming languages such as Python, Go, and PHP.
  • Knowledge of SQL.
  • Team work experience.
  • A broad technical outlook.
Send your CV to: job@group-ib.comShare vacancy
Copied

HTML layout designer/frontend developer

Tasks to solve:

  • Cross-browser adaptive layout of landing pages (preferably based on Figma mock-ups).
  • Corrections to the existing layout, refining elements of existing pages.
  • HTML mailing list layouts.
  • Taking part in site migration to a new CMS.

Apply for this vacancy if you have the following qualifications:

  • You have excellent knowledge of HTML/CSS.
  • You have confident knowledge and mastery of JavaScript.
  • You use the Mobile First approach.
  • You are able to understand and perfect others’ code.
  • You know the basics of SEO.
  • You have an intermediate level of English.
Send your CV to: job@group-ib.comShare vacancy
Copied

UIUX Designer

Tasks to solve:

  • Taking part in the process of requirements gathering and interaction/agreement with business customers.
  • Studying product user feedback and making decisions as part of the product design.
  • Assessing the company’s products’ existing interface and developing suggestions to improve it.
  • User interface design for existing and new products: developing interface concepts and creating design layouts and prototypes.
  • Creating and supporting a single UI-kit for all products.
  • Quality control of interface implementation in finished products.

Apply for this vacancy if you have the following qualifications:

  • You have a portfolio (mandatory).
  • You are able to use prototyping and design tools (Figma + any appropriate tool for animation in interfaces).
  • You have at least two years’ experience in user interface development.
  • You understand the web development process, have a good grasp of the principles of adaptive layout, and understand the possibilities and limitations of web products.
  • You possess the knowledge and skills to build interfaces, and knowledge of current design trends.
  • You are able to create a user flow.
  • You are attentive to the existing product style and the support for and development of the design system.
  • You know how to communicate your ideas and thoughts to the development team.
Send your CV to: job@group-ib.comShare vacancy
Copied

Sales Support Assistant

About the role:

You will be required to play an important part in assisting the sales team expand the business in the APAC market. As a Sales Support Assistant you will be responsible to be the contact point for any administrative enquiries and referrals from the sales team, internal stakeholders, clients and external vendors in the APAC market.

Tasks to solve:

  • Assist the Sales Team in APAC with administrative matters (eg. preparation of NDA/MOU, filling up information of vendor information etc).
  • Build strong relationships internally and collaborate effectively on cross-functional teams.
  • Liaise with the legal and finance team advisors on all contract matters.
  • Housekeeping of Salesforce system including to ensure all new and existing contracts are up to date.
  • Monitor and follow up on payment terms and contract validity with clients.
  • Assist with scheduling meetings.
  • Conduct business correspondences.
  • Draft basic accounting documentation.
  • Build reports for management.
  • Manage list of partners and provide support for partners’ enablement.
  • Work closely with the Marketing team to assist on company’s events when needed.
  • Generate Commercial proposals.
  • Assist on any ad-hoc tasks as required by the team.
  • Report to the Head of Sales.

Apply for this vacancy if you have the following qualifications:

  • Diploma holder or equivalent work experience (recent graduates are welcome). Proven and significant experience in administrative support in a professional, fast paced, high profile environment.
  • Fluent English.
  • Solid communication skills.
  • Excellent knowledge of MS Office (Word, Excel, PowerPoint).
  • Prior experience working on Salesforce or other related CRM systems would be an advantage.
  • Flexibility and strong sense of responsibility.
  • Strong interest in the cybersecurity industry and willingness to work with top professionals.
  • Meticulous and well organized.
  • Possess a keen to learn attitude and is a team player.
Send your CV to: job@group-ib.comShare vacancy
Copied

Pre-sales manager (in Riyadh)

About the role:

You will be located in Riyadh and lead pre-sales activities in the Kingdom of Saudi Arabia. You will be working with Group-IB clients to deliver deployment and customization of solutions at the Customer’s site. As a technical advisor to the client you will make sure a successful solutions’ functioning and sales support to the team.

Tasks to solve:

  • Provide strong client engagement.
  • Formation of customer expectations from the results of services.
  • Preparation of project documentation.
  • Elaboration with customers of the product implementation architecture.
  • Management and control of pre-sale activities.
  • Conducting of seminars and trainings.
  • Delivery, installation and configuration of Group-IB solutions at the Customer’s site.
  • Remote deployment and customization of solutions.
  • Ensuring the functioning of the solution on pilots and during the subscription.
  • Technical customer support.

Apply for this vacancy if you have the following qualifications:

  • At least 3 years’ experience in Pre-Sales activities in high-tech industry.
  • Knowledge of practical information security (main threats, vulnerabilities and protection technologies, a common understanding of how a botnet works, what kinds of malware exist).
  • Highly developed technical capability across a wide range of cyber security products.
  • Ability to convey technical information into the business language.
  • Strong understanding of modern operating systems.
  • Strong understanding of modern cryptography.
  • Ready to learn and develop your skills to become a leading expert in the field.

What else we appreciate in our team:

  • Knowledge of network technologies (DNS, DHCP, IP, OSI/ISO, mail systems, SSL, VPN, SPAN, GRE, VLAN, etc).
  • Knowledge of different Operating Systems.
  • Strong ability to understand and analyze log and network packet data.
Send your CV to: job@group-ib.comShare vacancy
Copied

Investigation specialist (in Riyadh)

About the role:

A new cyber-fighter to support our mission in the region. We want to hire an all-around cybersecurity specialist and enthusiast interested in threat intelligence, cyber investigations and OSINT.

Tasks to solve:

  • Processing data about cyber incidents and assisting customers in response and data collection.
  • Handling cybersecurity incidents and identifying attackers.
  • Analyzing threat actor network infrastructure.
  • Tracking down threat actors across the clear, deep, and dark web using passive and active intelligence collection techniques.
  • Conducting forensic analysis on file system images, technical logs (web servers logs, email server logs, network logs, etc.), email headers, and other incident data.
  • Hunting for new threats and threat actors, investigating them and their activities.
  • Helping develop new ways to collect and analyze intelligence data.

Apply for this vacancy if you have the following qualifications:

  • Experience in cyber threat intelligence research, analysis, and/or OSINT investigations.
  • Proficiency in basic intelligence tools (DNS lookups, Nmap, packet analyzers, and platforms such as VirusTotal, Shodan, Censys, etc.).
  • Good technical understanding of network protocols: TCP/IP stack, Internet routing, HTTP(S), and DNS.
  • A solid grasp of how network infrastructure operates. A fundamental understanding of Internet governance and the relationships between ISPs, domain names, IP addresses, hosting providers, and CDN providers.
  • Experience in working with web technologies: hosting, servers, databases, mail servers, etc.
  • Knowledge of key aspects of digital forensics: static and dynamic analysis, network forensics, understating how modern OS (Windows, *nix) and FS (NTFS, FAT, ext4) work.
  • Proficiency in Linux and the ability to freely use bash or other shell scripts. Knowledge of how UNIX-based operating systems work, familiarity with related file systems structure, and basic Linux forensics skills.
  • Grasp of web application security essentials.

What else we appreciate in our team:

  • Bachelor’s and Master’s degree in Information Security, Digital Forensics or Computer Science (acquired or in progress).
  • Knowledge of Python or other scripting languages, ability to write own scripts.
  • Experience in digital forensics and/or incident response engagements.
  • Certifications in IS domain (GIAC, CompTIA, EC-Council, ICS2, etc.).
Send your CV to: job@group-ib.comShare vacancy
Copied

Cyber Threat Intelligence Analyst (in Riyadh)

Tasks to solve

  • Drive the Cyber intelligence operating environment preparation lifecycle.
  • Work with the CTI team and participate in the Cyber threat intelligence lifecycle.
  • Work with various teams to manage Cyber threat intelligence feeds, aggregation and sharing both internally and external.
  • Analysis of identified threats, detection of major risks and recommendations, search for additional information.
  • Communicate with owners of resources of illegal content.
  • Participate in investigations related to information security.
  • Perform analysis on campaigns, threat actor TTPs (Tactics, Techniques and Procedures), technical indicators of compromise, cyber-attack trend, and exploitation of technology.
  • Proactively identify and provide threat insights to improve overall Cybersecurity risk posture.
  • Participate in industry threat intelligence forums, maintain up-to-date security industry awareness and attack trends.

Apply for this vacancy if you have the following qualifications

  • Degree in Information Security, Computer Science, Engineering, International Relations, Security Studies, Intelligence Studies, or Cyber security.
  • Professional security related qualification (i.e. OSCP, GCIA, GCIH, GCFA, GPEN, CISSP etc.) is preferred.
  • Fluent English is a must, bonus for multiple languages.
  • Highly developed research and analytical skills.
  • Ability to leverage commercial and open source online research tools to identify and navigate resources - online forums, specialized Web sites, social media, dark web and other sources.
  • Good understanding of various Cyberattack TTPs and attack frameworks, IT and security infrastructure, operating systems.
  • Experience in some programming Python, use of analytics tools, big data sets, scripting python Perl/SQL and other query languages.
  • Exploits, Malware, Hacking, Penetration testing and Red teaming.
  • Hands-on experience with commercial and open source tools.
  • Process and procedure adherence.
  • Investigative and analytical problem solving skills.
  • Critical thinking and contextual analysis abilities.
  • Curious and inquisitive mindset.
  • Fluency in English and Arabic.
Send your CV to: job@group-ib.comShare vacancy
Copied

Digital forensic specialist (in Riyadh)

Tasks to solve

  • Visit clients to collect and formalize sources of digital evidence.
  • Collect and Recover data. Run necessary tools and your scripts for collection forensic artifacts.
  • Identify counter-criminalistic methods and techniques.
  • Reconstruct the most sophisticated cyberattacks based on the collected sources of digital evidence.
  • Conduct root cause analysis and provide recommendations for security improvement.
  • Present your high-level findings to Senior executives.

Apply for this vacancy if you have the following qualifications

  • Bachelor’s degree, preferably in Forensic Computing, Computer Science or Computer Security.
  • Knowledge of Digital Forensic Industry standards, chain of custody procedures, forensic methodologies, best practices and evidence handling.
  • An advanced understanding of complex data collection and preservation principles.
  • An advanced understanding of networking concepts and experience in working with networked systems.
  • An advanced understanding of security appliances including but not limited to IDS, IPS, Firewall, and SIEM systems.
  • An advanced understanding of Microsoft Windows and *nix operating systems.
  • Knowledge and experience with digital forensic hardware/software, such as Magnet AXIOM/IEF, BlackBag BlackLight, Cellebrite UFED, and other related hardware and software.
  • Knowledge and experience with personal computers and server hardware, to include RAID and networked drive storage systems, smartphones, tablets.
  • Experience in conducting forensic imaging and examinations of digital and electronic media, including, but not limited to: computer hard drives, external drives, mobile devices, network devices, and any other device that stores digital evidence.
  • Experience in conducting forensic analysis as part of incident response or incident investigations.
  • Maintaining forensic certifications, GCFE, GCFA, MCFE, or similar.
  • Strong attention to detail and high concern for data accuracy.
  • Fluency in English and Arabic.
Send your CV to: job@group-ib.comShare vacancy
Copied

Pre-Sales Manager (Worldwide)

About the role:

You will be located in the EMEA region with a remit to develop and then lead pre-sales activities globally for our new innovative solution for Attack Surface Management which operates to provide customers with comprehensive intelligence-driven evaluations of the external perimeter, alerting and security posture awareness.

You will be working with Group-IB partners and sales channel to enable & train them to deliver our solution through their customer base. As a technical advisor to the Channel Partners and End-Customers you will ensure their successful enablement, pre-sales engagement and technical support.

Tasks to solve:

  • Provide strong partner and customer engagement.
  • Develop global pre-sales function with business owner.
  • Product implementation architecture.
  • Management and control of pre-sale activities.
  • Conducting of seminars and trainings.
  • Remote deployment and customization of solutions.
  • Ensuring the functioning of the solution on pilots and during the subscription.
  • Technical customer support.

Apply for this vacancy if you have the following qualifications:

  • At least 3 years’ experience in Pre-Sales activities in cyber security. Penetration testing experience is considered a positive.
  • Knowledge of practical information security (main threats, vulnerabilities and protection technologies).
  • Developed technical capability across a wide range of cyber security products.
  • Ability to convey technical information into the business language.
  • Strong understanding of modern operating systems.
  • Ready to learn and develop your skills to become a leading expert in the field.
Send your CV to: job@group-ib.comShare vacancy
Copied

Lead Cybersecurity Trainer

About the role:

The position entails carrying out research in the fields of digital forensics and incident response, as well as shaping our technical content and presenting it to client companies all over the world.

Tasks to solve:

  • Holding training sessions (on-site, webinars, distance learning, and other formats).
  • Developing teaching and demonstration materials for presentations, editing existing materials, and creating presentations.
  • Creating new courses in digital forensics, incident response, reverse engineering, threat hunting, threat intelligence, and related topics.
  • Writing technical articles and speaking at specialist conferences.
  • Creating demonstration stands to showcase the methods for penetrating IT infrastructure and how to protect against these methods.
  • Collaborating with IT communities/enthusiasts/bloggers etc.

Apply for this vacancy if you have the following qualifications:

  • Degree in IT/information security.
  • At least 5 years’ practical experience in the field of IT/information security.
  • Level C1/C2 in English to create materials and deliver speeches in English to native speakers.
  • A high standard of verbal and written communication.
  • Experience in speaking at large events (conferences, workshops).

Technical skills:

  • Advanced knowledge in the field of information security (main threat types, vulnerabilities, security technologies).
  • An understanding of the operation and administration of the Windows, Linux, and MacOS operating systems (admin skills would be an advantage).
  • An understanding of the structures of various file systems (NTFS, FAT, ext3, ext4, etc.).
  • Knowledge of network technologies (network admin skills would be an advantage).
  • An understanding of the basics of how malware works.
  • An understanding of the processes of targeted cyberattacks.
  • An understanding of modern digital fraud schemes.
  • Skills or experience in penetration testing would be an advantage.
Send your CV to: job@group-ib.comShare vacancy
Copied

Internship (Junior CERT Analyst)

About the role:

The internship is the opportunity to join our team of highly professional specialists, get the unique experience and become our permanent member. We offer at least three months paid internship with possible subsequent employment in case of high performance. If you are a recent graduate or a final year-student with the technical background, if you are eager to be a part of cyber security company of the future and ready to disrupt the European cyber security market with us, apply for the internship.

Tasks to solve:

  • Collection and processing of information about computer attacks, reporting.
  • Communication and correspondence with clients; Ensuring prompt response to computer incidents.
  • Work with information security systems, SIEM, IDS, IPS, ticket systems, as well as linear functions of early warning of cyber threats.

Apply for this vacancy if you have the following qualifications:

  • Bachelor's degree in Information Security or IT (or final-year student).
  • Experienced user of Windows, *nix.
  • Able to clearly formulate thoughts both orally and in writing (mandatory).
  • Attentive, able to multitask.
  • Understanding of basic Internet technologies and malware operation principles.
  • Understanding of IDS/IPS systems.
  • Programming skills are an advantage.
Send your CV to: job@group-ib.comShare vacancy
Copied

CERT/SOC Analyst

About the role:

You will be required to play an important part in expanding our activities across EU market.

As a CERT/SOC analyst you will be responsible for prompt response to security threats and cyber incidents as well as liaising with customers. Using your professional expertise, you will be expected to generate contacts and collaboration among other CERTs.

Tasks to solve:

  • Respond to various threats, including blocking of phishing websites and resources that distribute malware.
  • Perform cyber incident analysis to include determining scope, urgency, potential impact and identify the specific vulnerability.
  • Provide targeted attack detection.
  • Develop custom signatures and analytics for the identification of targeted attacks.
  • Work with and communicate effectively to all customers and stakeholders.
  • Develop comprehensive and accurate reports based on common work with customers.
  • Provide detailed remediation guidance on protection of the source or initial point of access of intrusion.
  • Provide consultations to customers’ employees on threats targeting their networks.
  • Conduct training sessions for partners.
  • Set up and develop collaboration with FIRST, Trusted Introducer, and other CERT communities to share information about threats effectively and quickly.
  • Participate in the testing and development of the company’s products.
  • Interact with all of the company’s departments in all of its offices.
  • Speak at universities and specialized local and international conferences.

Apply for this vacancy if you have the following qualifications:

  • Industry-specific education (degree in Information Security, Computer Science, Security Studies, Intelligence Studies, Cybersecurity, etc.).
  • Experience in working with third-party CERTs and SOC teams, both private and public.
  • Experience working with analysis techniques, identifying indicators of compromise, threat hunting, identification of intrusions and potential incidents.
  • Experience with SIEM and SOAR systems as well as sandbox, IDS/IPS, and EDR solutions.
  • Experience in forensic investigation with malware analysis skills.
  • Knowledge of applicable legislation, including GDPR.
  • Field-specific certification (such as SSCP, CISSP, CISM, CEH) will be an advantage.
Send your CV to: job@group-ib.comShare vacancy
Copied

Junior CERT analyst (computer emergency response team)

What we will do together:

In 2011, we created the first 24/7 computer emergency response center in Eastern Europe, which today remains one of the largest in the world.

Since then, CERT-GIB has been on the frontlines protecting customers and ordinary users and providing round-the-clock monitoring and response to cyber threats, regardless of their source, the time of attack, and the target.

Based on global statistics and Group-IB’s Threat Intelligence & Attribution data, it is clear that the number of phishing attacks continues to increase year on year. Employees and customers around the world are falling victim to this type of attack, suffering annual losses totaling in the multimillions ofdollars.

Our team is looking for an analyst whose tasks will include performing proactive searches and analyses and countering phishing attacks and other fraud schemes. Another important responsibility of this specialist will be to manage interaction with other response teams around the world, contributing to the international effort to counteract phishing and other dangerous resources on the Internet.

Key Responsibilities:

  • To work with the system designed to detect and block phishing resources.
  • To collect and analyze information about phishing attacks.
  • To develop new mechanisms and methods for detecting and neutralizing phishing resources.
  • To conduct research on social engineering, Internet fraud, and other malicious schemes.
  • To manage the international interaction of response teams, foreign registrars, and hosting providers.

Requirements:

  • A degree (senior students are also welcome) in the field of information security or information technology.
  • Skills in searching for information using open sources.
  • Knowledge of basic Web technologies and protocols.
  • A good command of English (the ability to read technical literature, write business letters, and a good level of spoken English will be an advantage).
  • To be attentive and able to multitask efficiently.
  • Flexibility regarding your shift schedule, including a willingness to work nights and weekends.

Additional requirements:

  • Experience working at hosting centers or domain name registrars, especially in the abuse department or technical support.
  • Experience in writing regular expressions and developing basic sites and maintaining them.
  • Experience in CTF.
Send your CV to: job@group-ib.comShare vacancy
Copied

Junior SOC analyst (computer emergency response)

What we will do together:

In 2011, we created the first 24/7 computer emergency response center in Eastern Europe, which today remains one of the largest in the world.

Since then, CERT-GIB has been on the frontlines protecting customers and ordinary users and providing round-the-clock monitoring and response to cyber threats, regardless of their source, the time of attack, and the target.

Our team is looking for a junior SOC (Security Operations Center) analyst, whose tasks will include countering complex cyber threats and providing first aid in response to information security incidents.

The task may include:

  • Analyzing and classifying incidents.
  • Analyzing and identifying attack sources.
  • Providing guidelines for the localization of incidents.

As part of your work you will carry out proactive monitoring in order to prevent incidents and hunt for threats to detect indicators of complex attacks that cannot be detected by traditional cybersecurity solutions.

The analyst will work with the Threat Hunting Framework (THF), a complicated system for the detection of complex targeted attacks and proactive threat hunting, and you will assess and analyze incidents that occur on all penetration vectors: mail, traffic, and workstations.

Key Responsibilities:

  • Work with a group of systems designed to prevent and detect cyber threats.
  • Collect and process information about cyberattacks, prepare reports.
  • Provide a timely response to cyberattacks.
  • Assess the severity level of the incident and attribute threats.
  • Consult with customers and provide technical support in English and Russian.

Requirements:

  • A degree (senior students are also welcome) in the field of information security or information technology.
  • Skills in searching for information in open sources.
  • An understanding of the modern vectors, tactics, and techniques used to perform a cyberattack.
  • A good knowledge of the secure practices required when working with malware.
  • An understanding of the functions of network protocols and security tools and their roles.
  • A desire to develop your understanding and skills in the field of Threat Hunting.
  • A good command of English (the ability to read technical literature, write business letters, and a good level of spoken English will be an advantage).
  • Flexibility regarding your shift schedule, including a willingness to work nights and weekends.

Additional requirements:

  • Knowledge of OS architecture.
  • Experience in writing Python and PowerShell scripts to automate routine tasks.
  • Basic skills in static and dynamic malware analysis.
  • Experience in CTF.
  • Certificates in the field of cybersecurity.
Send your CV to: job@group-ib.comShare vacancy
Copied

Digital Forensic Specialist (in Singapore)

About the role:

Our forensic and malware analyses have helped victims of infamous hacker groups come out as victors in courts of law. We’ve done 1000+ successful investigations around the globe. To join us, you will need to live, breathe and dream about imaging, looking into a labyrinth of data and connecting the dots to help our clients while understanding the tactics, techniques and procedures used by the criminal to connect the dots to a potential attribution.

Tasks to solve:

  • Visit clients to collect and formalize sources of digital evidence.
  • Collect and Recover data. Run necessary tools and your scripts for collection forensic artifacts.
  • Identify counter-criminalistic methods and techniques.
  • Reconstruct the most sophisticated cyberattacks based on the collected sources of digital evidence.
  • Conduct root cause analysis and provide recommendations for security improvement.
  • Present your high-level findings to Senior executives.
  • Support or provide expert testimony in depositions, trials, and other proceedings, if required.
  • Consult with and take direction from supervisors, and clients regarding case investigation and status.
  • Contribute to a curriculum and conduct clients’ training sessions and workshops.
  • Develop and broaden forensic skills set through external training and research.
  • Support the mentorship and technical development of Consultants in Digital Forensics.
  • Participate in technical meetings and working groups to address issues related to malware security, vulnerabilities and issues of cybersecurity and preparedness.
  • Highly eloquent with public speaking experiences and the ability to represent Group-IB as a subject matter expert and present knowledge in industry conferences, webinars, and closed door sharing sessions.

Apply for this vacancy if you have the following qualifications:

  • Bachelor’s degree, preferably in Forensic Computing, Computer Science or Computer Security.
  • Knowledge of Digital Forensic Industry standards, chain of custody procedures, forensic methodologies, best practices and evidence handling.
  • An advanced understanding of complex data collection and preservation principles.
  • An advanced understanding of networking concepts and experience in working with networked systems.
  • An advanced understanding of security appliances including but not limited to IDS, IPS, Firewall, and SIEM systems.
  • An advanced understanding of Microsoft Windows and *nix operating systems.
  • Knowledge and experience with digital forensic hardware/software, such as Magnet AXIOM/IEF, BlackBag BlackLight, Cellebrite UFED, and other related hardware and software.
  • Knowledge and experience with personal computers and server hardware, to include RAID and networked drive storage systems, smartphones, tablets.
  • Experience with cloud infrastructures for the enterprise, such as Amazon Web Services (AWS), G Suite, Office 365, and Azure.
  • Experience with conducting log analysis if Windows Events Logs, Apache, IIS and firewall logs.
  • Proficiency with database querying and analysis.
  • Experience with command line tools (grep, sed, awk, powershell), python, and other programming languages.
  • Proficiency with MS Office Applications, and familiarity with Windows, Macintosh, and Linux operating systems.
  • Experience in conducting forensic imaging and examinations of digital and electronic media, including, but not limited to: computer hard drives, external drives, mobile devices, network devices, and any other device that stores digital evidence.
  • Experience in conducting forensic analysis as part of incident response or incident investigations.
  • Maintaining forensic certifications, GCFE, GCFA, MCFE, or similar.
  • Strong attention to detail and high concern for data accuracy.
  • Comfortable with intermittent period of significant work and travel, evening and weekend hours.
  • Fluency in English.
Send your CV to: job@group-ib.comShare vacancy
Copied

Cyber Threat Intelligence Analyst (in Singapore)

About the role:

One of the main tasks of Group-IB is to improve cybersecurity globally. The candidate’s role is to be responsible for the Threat Intelligence activities in the APAC countries. “Threat Intelligence” allows to track threat actors planning to, or targeting an organization.

Tasks to solve:

  • Drive the Cyber intelligence operating environment preparation lifecycle.
  • Work with the CTI team and participate in the Cyber threat intelligence lifecycle.
  • Work with various teams to manage Cyber threat intelligence feeds, aggregation and sharing both internally and external.
  • Analysis of identified threats, detection of major risks and recommendations, search for additional information.
  • Communicate with owners of resources of illegal content.
  • Participate in investigations related to information security.
  • Perform analysis on campaigns, threat actor TTPs (Tactics, Techniques and Procedures), technical indicators of compromise, cyber-attack trend, and exploitation of technology.
  • Proactively identify and provide threat insights to improve overall Cybersecurity risk posture.
  • Participate in industry threat intelligence forums, maintain up-to-date security industry awareness and attack trends.

Apply for this vacancy if you have the following qualifications:

  • Degree in Information Security, Computer Science, Engineering, International Relations, Security Studies, Intelligence Studies, Social Sciences or Cyber security.
  • Professional security related qualification (i.e. OSCP, GCIA, GCIH, GCFA, GPEN, CISSP etc.) is preferred.
  • Fluency in English is a must, Fluency in a second language (Any ASEAN language is advantageous).
  • Highly developed research and analytical skills.
  • Ability to leverage commercial and open source online research tools to identify and navigate resources - online forums, specialized Websites, social media, dark web and other sources.
  • Good understanding of various Cyberattack TTPs and attack frameworks, IT and security infrastructure, operating systems.
  • Experience in some programming Python, use of analytics tools, big data sets, scripting python Perl/SQL and other query languages.
  • Hands-on experience with commercial and open source tools to gather information.
  • Investigative and analytical problem solving skills.
  • Critical thinking and contextual analysis abilities.
  • Curious and inquisitive mindset.

What else we appreciate in our team:

  • Experience in Exploits, Malware, Hacking, Penetration testing and Red teaming.
Send your CV to: job@group-ib.comShare vacancy
Copied

Inside Sales Manager (in Singapore)

About the role:

As an Inside Sales manager, you will be an essential part of the International Business Development Team, helping to generate new great business opportunities. You will have a chance to start your career in cybersecurity sales and deliver our best-in-class solutions by making a deep dive into the industry.

Tasks to solve:

  • Execute campaigns to target new sales opportunities through follow-up and outbound cold calls/emails.
  • Work closely with the Business Development Team, Partner Channel and Marketing teams on lead management.
  • Route warm opportunities to the relevant sales executives for further development and closure.
  • Build and maintain a constant pipeline of new clients based on provided leads from marketing campaigns.
  • Update and maintain clients' database details within CRM in a diligent way.

Apply for this vacancy if you have the following qualifications:

  • You are a hunter and results-driven person in nature, seeking an opportunity to start and build your career in cybersecurity sales.
  • Client-centric mindset and approach.
  • Excellent analytical, communication and presentation skills.
  • Previous inside sales/sales experience in a tech field would be an advantage.
  • Strong passion for cyber security and high-tech technologies.
  • Degree in a relevant field (Business, Marketing, Management in IT/IS might be an advantage).
Send your CV to: job@group-ib.comShare vacancy
Copied

Software Test Analyst (in Singapore)

About the role:

You will be required to play an important part in expanding our activities across the APAC market. As a Software Test Analyst, you will be responsible to perform manual testing that targets customers’ web and mobile applications.

Tasks to solve:

  • Collect and review JavaScript codes for customer sites.
  • Perform manual testing for the web application across multiple browsers and mobile devices using proxies such as Charles or Fiddler.
  • Work on developer console in browser through JavaScript.
  • Rectify receipt and display of data on the Fraud Hunting Platform website.
  • Testing Automation.

Apply for this vacancy if you have the following qualifications:

  • At least 1 year of experience in development and testing (fresh grads are welcome to apply).
  • Able to test the integration of a JavaScript code on customer sites.
  • Basic knowledge on web, html, js, Android and iOS.
  • Able to build simple SQL queries.
  • Familiarity on using developer tool.
  • Basic understanding of git.
  • Able (or at least desire) to handle Charles or Fiddler proxy clients, to test the integration in apps.
  • Experienced in Android Studio and Xcode with simulators.
  • Experience with virtual machines is desirable (VMWare, VirtualBox, NOX, Genymotion, etc.).
  • Fluent English and solid communication skills.
  • Strong interest in the cybersecurity industry.
Send your CV to: job@group-ib.comShare vacancy
Copied

Junior Developer in Cybercrime Research Department (in Moscow)

Our department:

  • Our department is engaged in the research of cybercrime on underground forums, as well as the automated collection and analysis of data related to the activity of cybercriminals. The obtained data and research are used to enrich the closed “Threat Intelligence & Attribution” platform.
  • All this allows clients to receive timely information that is necessary to prevent cybercrime.
  • Cybercrime does not stand still and is constantly evolving, which motivates us to continuously develop, to look for non-standard approaches to solving problems.
  • For this reason, we are looking for someone who is ready to help us prevent such cybercrimes.

Tasks:

  • Automation of underground forums monitoring process.
  • Maintaining the monitoring system’s configuration, to reflect changes in the underground forums.
  • Work with DBMS systems to ensure the data reflects what is posted on underground forums, in a timely manner.
  • Add new data resources (underground forums) to the system.

Requirements:

  • Higher (or last year student) education in the field of information security or information technology.
  • Knowledge of Python at the level of writing parsers for various web resources.
  • Basic knowledge and skills to work with NOSQL-DBMS.
  • Personal OPSEC: you need to understand how to protect yourself and hide your actions when working with malicious resources.
  • English for reading documentation and communicating with the team.

Will be a plus if you have:

  • Knowledge of UNIX-like OS.
  • Experience working with Elasticsearch.
  • Basic Knowledge Javascript.
  • Basic Knowledge in Information Security (Main Threats, Types of Malware, Etc.).
Send your CV to: job@group-ib.comShare vacancy
Copied

Penetration Tester (in Singapore)

About the role:

You will be required to play an important part in expanding our activities across the APAC market. As a Penetration Tester, you will be responsible to perform penetration testing and vulnerability assessment that span across infrastructure, web application and mobile application.

Tasks to solve:

  • Perform Red Teaming and Wi-Fi Penetration Testing.
  • Perform Penetration Tests and Web-Application Vulnerability Assessments.
  • Generate comprehensive reports based on findings.
  • Provide mitigation strategies and remediation steps.
  • Familiarity with security principles, policies and industry best practices.

Apply for this vacancy if you have the following qualifications:

  • At least 2 - 3 years of experience in Penetration Testing and Vulnerability Testing.
  • Fluent English and solid communication skills.
  • Understanding of Web-Application development and common technologies.
  • Understanding of Web-Application vulnerability types(OWASP Top 10).
  • Familiarity with Penetration Testing tools(Cobalt Strike, Metasploit, Burp Suite, nmap, Bloodhound, scanners, etc).
  • Knowledge of popular operating systems, network technologies, network services.
  • Strong interest in the cybersecurity industry.

What else we appreciate in our team:

  • Certification in OSWE, OSCP, CREST (CRT, CIT, CWAT) or any relevant practical certification
  • Experience as a Team Lead of Penetration Testing Team
Send your CV to: job@group-ib.comShare vacancy
Copied

Product Marketing Manager (in Moscow)

Tasks to solve:

  • Conduct comprehensive analysis (competitors, market trends; post activity effectiveness evaluation) to maximize the marketplace performance.
  • Create and deliver compelling positioning messages through various marketing channels (promo materials, website, marketing campaigns, webinars, PR).
  • Create marketing collateral: leaflets, presentations, success stories, use cases, FAQs and others.
  • Manage website content for the assigned group of services.
  • Brainstorm new and creative growth strategies.
  • Communicate product information, marketing strategy and key activities to the sales team and other key departments.
  • Participate and organize industry associated events.

Apply for this vacancy if you have the following qualifications:

  • 5+ years of proven experience in B2B Product Marketing or related marketing role.
  • Excellent presentation and communication skills.
  • Proactive, able to multi-task and work as a part of a team.
  • Good at building partner relationships with different stakeholders.
  • Solid background within IT or relevant industry.
  • Advanced/ Fluent English.
Send your CV to: job@group-ib.comShare vacancy
Copied

Content Marketing Manager (in Moscow)

About the role:

As a content marketing manager, you will create great stories that will open up the world of cybersecurity to people, find ways to tell potential and existing clients how to make their work and life safer through our solutions, build the strongest and most recognizable brand of the company as the top experts in cybersecurity. You can work at our Moscow office or remotely.

Tasks to solve:

  • Produce high-quality articles, white papers, email campaigns, case studies, presentation content, web copy, and other necessary marketing content.
  • Serve as an exemplary writer, consistent with our company’s tone and mission. You write clean, concise, well-polished copy.
  • Continuously measure and improve content performance; create reports leveraging Google Analytics and social media analytics tools.
  • Build and maintain editorial calendar and written guidelines.
  • Stay up to date with the latest industry trends and customer challenges via personal research and communication with industry analysts in order to build a more effective editorial calendar.
  • Work closely with key stakeholders (i.e. product owners), product managers, and other departments to create effective marketing strategies that properly and consistently articulate the core benefits of our solution portfolio.
  • Coordinate with the design, marketing, and other internal teams to create and review all content and ensure a consistent message.

Apply for this vacancy if you have the following qualifications:

  • At least 3 years’ experience in a similar role in high-tech industry (financial services, IT products / services, legal / consulting).
  • Familiarity with product positioning principles and is ready to prepare a material based on selling points and value propositions provided by your colleagues.
  • Experience writing content from scratch for a B2B audience.
  • Experience working with marketing automation systems (Marketo, Hubspot), Google Analytics would be an advantage.
  • Technical writing experience is a plus.
  • Experience managing content projects, including coordinating with other teams.
  • Independent worker capable of managing multiple deadlines with little supervision.
  • Strong communicator and collaborator; able to work with a variety of teams, possessing excellent written communications skills.
  • Strong interest in cybersecurity technologies.
  • A good command of English (Upper Intermediate or above).
Send your CV to: job@group-ib.comShare vacancy
Copied

Design Director / Head of Design (in Moscow)

About the role:

We are looking for a Design Director/Head of Design to join the team with a background in creative direction, branding and design systems, and product design. Group-IB sets high standards for design as we believe that it makes a huge impact on customers decision making process, lead generation and brand empowerment.

You're a conceptual and creative thinker who can bring your ideas to life in new and inspiring ways. You have a strong point of view on design and it demonstrates in your work. When you decide to make something, you see your vision from concept to launch without any hand-holding.

You should have unwavering dedication to design excellence. You will hire and lead a multi-disciplinary team made up of creative directors, art directors, motion and web designers, illustrators, animators, and other professional roles to craft high quality experiences.

You will report directly to CEO of the company.

Tasks to solve:

  • Hire and manage a team of creatives (graphic, web, 3D/Motion designers) to execute on the work.
  • Lead Rebranding project and create a unified visual guide for the Company and various marketing/branding materials (presentations, website, 2D/3D schemes, and other graphic materials).
  • Create sketches, storyboards, prototypes, and design specs necessary to guide development of compelling and consistent experiences.
  • Work closely with the product marketing, digital marketing, art directors, product owners, content marketing teams to implement a cohesive visual style, voice, and tone.
  • Seek out creative opportunities to improve on existing style and approach.
  • Prioritize and execute on high-priority creative moments.

Apply for this vacancy if you have the following qualifications:

  • 5+ years of industry experience in a people management role on a design team.
  • 7+ years experience as a Creative Director/Art Director at a creative agency or an in-house team.
  • Experience shaping and leading product strategy.
  • A portfolio of work that contains examples of Interaction (UX), creative concepts, graphic materials.
  • Presentation, interpersonal, and communication experience.
  • Experience communicating concepts.
  • Expertise taking design feedback and incorporating it.
  • An excellent portfolio of design work.
  • Strong project management skills.
  • Good command of English: at least upper-intermediate.
Send your CV to: job@group-ib.comShare vacancy
Copied

B2B Marketing Manager (in Amsterdam)

About the role:

As a B2B marketing manager you will manage marketing activities for brand position and awareness, lead generation, content curation/creation, online and offline event organization across the whole of Europe. Partnering with regional sales leaders, you are going to establish marketing priorities aligned to both corporate objectives and local needs, and identify winning tactics to drive revenue growth.

Tasks to solve:

  • Create and execute marketing plans across different European markets.
  • Partner with the sales teams to grow customer references and case studies
  • Collaborate with channel partners to build joint marketing programs.
  • Execute account-based marketing strategy
  • Track and optimize B2B customer journey
  • Organize virtual and physical events and conferences
  • Manage content creation and localization

Apply for this vacancy if you have the following qualifications:

  • At least 1-year experience in a B2B environment, high-tech products or services will be preferred
  • Excellent communication skills for internal and external partners
  • Proven experience in managing large-scale campaigns and projects
  • Strong business acumen, attention to detail, and eagerness to learn
  • A systematic and structured approach to work
  • Self-starter, result-oriented mindset
  • Fluent in English, other languages are a plus
  • Bachelor degree or higher
Send your CV to: job@group-ib.comShare vacancy
Copied

Digital Forensics & Incident Response Specialist (in Amsterdam)

About the role:

  • Do you want to fight cybercrime?
  • Are you passionate about cybersecurity?
  • Are you good at solving puzzles and getting to the root of a matter?
  • Do you know how exploits work?
  • Are you ready to be the first on the cybercrime scene with a team of specialists?
  • Then we can offer you the job of your dreams. We are looking for Digital Forensics and Incident Response Specialist to join our team. You will be required to identify and collect sources of digital evidence, identifying the chain of infected computers during incident response, conduct forensic research and analysis, reconstruct the timeline of an attack, prepare conclusions, and generally get to the bottom of things.

Tasks to solve:

  • Respond to complex сyberthreat incidents
  • Conduct forensic analysis on workstations, servers and network traffic.
  • Visit clients to support them and collect digital evidences.
  • Recover data.
  • Identify counter-criminalistic methods and techniques.
  • Reconstruct the most sophisticated cyberattacks based on the collected sources of digital evidence.

Apply for this vacancy if you have the following qualifications:

Knowledge of the following:

  • How current operating systems are designed and where forensic artifacts in them are mainly located, as well as how to retrieve the artifacts quickly and efficiently and turn them into digital evidence.
  • Cybercrime trends, the main tactics, techniques and procedures used by attackers, and how they can be detected during forensic analysis. What is MITRE ATT&CK® and why is it needed.
  • How corporate networks are arranged and how cybercriminals usually behave once they get into them.
  • What is antivirus, firewall, proxy, EDR / XDR, IDS / IPS, SIEM, DLP, and other useful abbreviations.
  • How to communicate effectively with the customer and his IT staff.
  • How to write opinions and reports and how to fill out acts and forms.

What else we appreciate in our team:

  • Good Dutch and English.
  • Bachelor’s degree, preferably in Forensic Computing, Computer Science or Computer Security (but basically we don’t care about education if you’re skilled enough).
  • Writing YARA and SIGMA rules.
  • Writing scripts on Powershell (or whatever by your choice).
  • Basic malware analysis skills.
  • Experience in using free and commercial forensic software (Magnet AXIOM/IEF, BlackBag BlackLight, Cellebrite UFED, and other related hardware and softwar).
  • Maintaining forensic certifications, GCFE, GCFA, MCFE, or similar.
Send your CV to: job@group-ib.comShare vacancy
Copied

Business Development Manager (in Riyadh)

About the role:

Group-IB client base in the Kingdom of Saudi Arabia consists of the top clients and its number is fast growing.

Your mission will be to develop the business through the partner network and through direct engagements. You will engage, educate, and position the Group-IB Services and solutions to 3 teams inside the client organization: Information Security, Sales and Marketing, Risk and Fraud Prevention Team.

Tasks to solve:

  • The source:
    • Have a quick onboarding on Group-IB Services and Solutions.
    • Be up to date on the competitive landscape in your territory.
    • Have strong client CISO level access and contacts.
    • Strong relationship with the distribution and partners’ landscape.
    • Establish a clear cadence and governance with your clients and partners.
  • The Outcome:
    • Ensure revenue targets are met with a high level of accuracy.
    • Apply Group-IB Land and Expand Strategy with our core clients.
    • Communicate effectively and be a good ambassador to your territory.
    • Be insightful, creative and express your mind.
    • Be out of the box on special projects that improves our brand awareness.
    • Target, educate, and persuade new clients to use Group-IB products.

Apply for this vacancy if you have the following qualifications:

  • 7-10+ years of closing/quota carrying experience in the software industry, preferably within security, extra points for threat intelligence, or an actor-centric cyber security company.
  • BA/BS or equivalent combination of education and experience.
  • Track record of success consistently exceeding overall goals in security technology sales.
  • Entrepreneurial drive and ability to sell creative solutions into new markets.
  • Confidence and track record building a new territory.
  • Comfortable calling at the senior executive level.
  • Highly effective written, presentation, and closing skills.
  • Ability to travel extensively.
  • Dynamic, high-energy self-starter.
  • Experience with information security or threat intelligence a plus.
  • Fluency in English and Arabic language.
Send your CV to: job@group-ib.comShare vacancy
Copied

Business Development Manager (in Nordic)

About the role:

Being located in the Nordics, you will be responsible to take the success and reputation already developed in the region and hunt in your territory (Nordic countries) to use that success as a jump off point to sell other products, drive new business opportunities and be the spokesperson for Group-IB. You feel comfortable speaking with C-Level executives as well as the most highly skilled threat intelligence or anti-fraud specialists about threat actors such as Anunak, Cobalt, MoneyTaker, Silence, or Fraud Techniques and how to defend against them including credential stuffing, brute force attacks on websites, and bot activity to conduct price-scaping.

You will hunt new business and maintain those customers you have by being the go-to man or woman for the above topics.

Tasks to solve:

  • Develop and manage Nordic accounts.
  • Be the direct point of contact for all Scandinavian existing and future customers.
  • Build and maintain the channel in order to ensure that your partners, and in turn Group-IB, are making revenue to exceed their goals with us.
  • Identify, manage, and close multiple opportunities and projects at the same time, develop our commercial business in your territory and ensure accurate overview and forecasts.
  • Target, educate, and persuade new customers to use Group-IB products.

Apply for this vacancy if you have the following qualifications:

  • 3+ years of closing/quota carrying experience in the software industry, preferably within security, extra points for threat intelligence, or an actor-centric cyber security company.
  • Have experience working, or selling to the financial sector in Scandinavia.
  • Have experience working with the financial CERTs in the region.
  • BA/BS or equivalent combination of education and experience.
  • Track record of success consistently exceeding overall goals in security technology sales.
  • Entrepreneurial drive and ability to sell creative solutions into new markets.
  • Confidence and track record building a new territory.
  • Comfortable calling at the senior executive level.
  • Highly effective written, presentation, and closing skills.
  • Ability to travel extensively.
  • Dynamic, high-energy self-starter.
  • Experience with information security or threat intelligence a plus.
  • Fluency in English, bonus for multiple languages.
Send your CV to: job@group-ib.comShare vacancy
Copied

Business Development Manager (in Benelux)

About the role:

You will hunt in your territory (Benelux), drive new business opportunities by being a spokesperson for Group-IB. You feel comfortable speaking with C-Level executives as well as the most highly skilled threat intelligence or anti-fraud specialists about threat actors such as Anunak, Cobalt, MoneyTaker, Silence, or Fraud Techniques and how to defend against them including credential stuffing, brute force attacks on websites, and bot activity to conduct price-scaping. You will hunt new business and maintain those customers you have by being the go-to man or woman for the above topics.

Tasks to solve:

  • Develop the Benelux market and act as an industry go-to-expert in the areas of threat intelligence, anti-fraud, network security, incident response or other applicable cyber security topics.
  • Manage existing Benelux customers as well as hunt new opportunities in the market.
  • Manage existing distribution channel, evaluate its effectiveness and pivot if necessary to additional partners which can help you achieve your regional goals.
  • Work together with the EMEA partner manage to onboard, train and remain systematic with the channel to uncover new opportunities to develop revenue for our partners and solve problems for their customers.
  • Identify, manage, and close multiple opportunities and projects at the same time, develop our commercial business in your territory and ensure accurate overview and forecasts.
  • Target, educate, and persuade new customers to use Group-IB products.

Apply for this vacancy if you have the following qualifications:

  • 3+ years of closing/quota carrying experience in the software industry, preferably within security, extra points for threat intelligence, or an actor-centric cyber security company.
  • Have experience working, or selling to the financial sector in Scandinavia.
  • Have experience working with the financial CERTs in the region.
  • BA/BS or equivalent combination of education and experience.
  • Track record of success consistently exceeding overall goals in security technology sales.
  • Entrepreneurial drive and ability to sell creative solutions into new markets.
  • Confidence and track record building a new territory.
  • Comfortable calling at the senior executive level.
  • Highly effective written, presentation, and closing skills.
  • Ability to travel extensively.
  • Dynamic, high-energy self-starter.
  • Experience with information security or threat intelligence a plus.
  • Fluency in English, bonus for multiple languages.
Send your CV to: job@group-ib.comShare vacancy
Copied

Pre-Sales Manager (in Italy)

About the role:

You will be located in Italy and lead pre-sales activities in the Italy region. You will be working with Group-IB clients to deliver deployment and customization of solutions at the Customer’s site. As a technical advisor to the client you will make sure a successful solutions’ functioning and sales support to the team.

Tasks to solve:

  • Provide strong client engagement.
  • Formation of customer expectations from the results of services.
  • Preparation of project documentation.
  • Elaboration with customers of the product implementation architecture.
  • Management and control of pre-sale activities.
  • Conducting of seminars and trainings.
  • Delivery, installation and configuration of Group-IB solutions at the Customer’s site.
  • Remote deployment and customization of solutions.
  • Ensuring the functioning of the solution on pilots and during the subscription.
  • Technical customer support.

Apply for this vacancy if you have the following qualifications:

  • At least 5 years’ experience in Pre-Sales activities in high-tech industry.
  • Knowledge of practical information security (main threats, vulnerabilities and protection technologies, a common understanding of how a botnet works, what kinds of malware exist);
  • Highly developed technical capability across a wide range of cyber security products.
  • Ability to convey technical information into the business language.
  • Strong understanding of modern operating systems.
  • Strong understanding of modern cryptography.
  • Ready to learn and develop your skills to become a leading expert in the field.

What else we appreciate in our team:

  • Knowledge of network technologies (DNS, DHCP, IP, OSI/ISO, mail systems, SSL, VPN, SPAN, GRE, VLAN, etc).
  • Knowledge of different Operating Systems.
  • Strong ability to understand and analyze log and network packet data.
Send your CV to: job@group-ib.comShare vacancy
Copied

Pre-Sales Manager (in Singapore)

About the role:

You will be located in our Global HQ in Singapore and lead pre-sales activities within APAC market. You will be working with Group-IB clients to deliver deployment and customization of solutions at the Customer’s site. As a technical advisor to the client you will make sure a successful solutions’ functioning and sales support to the team.

Tasks to solve:

  • Provide strong client engagement.
  • Formation of customer expectations from the results of services.
  • Preparation of project documentation.
  • Elaboration with customers of the product implementation architecture.
  • Management and control of pre-sale activities.
  • Conducting of seminars and trainings.
  • Delivery, installation and configuration of Group-IB solutions at the Customer’s site.
  • Remote deployment and customization of solutions.
  • Ensuring the functioning of the solution on pilots and during the subscription.
  • Technical customer support.

Apply for this vacancy if you have the following qualifications:

  • At least 5 years’ experience in Pre-Sales activities in high-tech industry.
  • Knowledge of practical information security (main threats, vulnerabilities and protection technologies, a common understanding of how a botnet works, what kinds of malware exist);
  • Highly developed technical capability across a wide range of cyber security products.
  • Ability to convey technical information into the business language.
  • Strong understanding of modern operating systems.
  • Strong understanding of modern cryptography.
  • Ready to learn and develop your skills to become a leading expert in the field.

What else we appreciate in our team:

  • Knowledge of network technologies (DNS, DHCP, IP, OSI/ISO, mail systems, SSL, VPN, SPAN, GRE, VLAN, etc).
  • Knowledge of different Operating Systems.
  • Strong ability to understand and analyze log and network packet data.
Send your CV to: job@group-ib.comShare vacancy
Copied

APAC Partner Manager (in Singapore)

About the role:

You will be located in our Singapore Global HQ and lead all partners in coordination with our regional sales directors. You will be tasked with better organizing, activating and tracking existing partners, while identifying and acquiring new partners, onboarding them together with our internal training team and tracking their progress to help with business development throughout the APAC market. To be a successful candidate, you should be able to elevate what we already have developed in terms of partners throughout APAC and have a clear strategy to pull out additional value from existing partners.

Tasks to solve:

  • Work closely with the partners to promote Group-IB Sales growth.
  • Actively target, recruit and onboard new partners into the Group-IB ecosystem.
  • Assist partners during deployments, installations, troubleshooting and training of Group-IB
  • Products together with our pre-sales and technical teams.
  • Manage training and enablement of partner’s security analysts on an ongoing basis.
  • Develop and drive joint marketing activities with select partners.
  • Assist with demo environments, ensuring partners have necessary training and technologies to demonstrate to Group-IB customers.
  • Act as an interface between the Partners and other Group-IB technical staffs to resolve outstanding issues.
  • Represent Group-IB at relevant events, public speaking opportunities and other customer/partner forums as required.
  • Capture and communicate market intelligence, what partners are doing well, and partner feedback on a regular basis.

Apply for this vacancy if you have the following qualifications:

  • Proven track record of developing and managing an APAC channel in the fields of Threat Intelligence, Anti-Fraud or network security.
  • Minimum 5 years’ experience with an IT manufacturer with an emphasis on channel management.
  • Cyber domain expertise within a core security discipline (e.g. cyber threat hunting, security operations, forensics, incident response, threat detection, security assessments, or penetration testing) with additional knowledge of security tools, industry trends, and methodologies.
  • Excellent communication and presentation skills with the ability to present to a variety of external audiences, including C-level executives – keen sense of attention to detail.
  • Bachelor’s Degree in Computer Science, Cyber Security, or related field.
  • Strong administration skills and highly organized.
  • Ability to travel internationally up to 50% if the situation allows.
Send your CV to: job@group-ib.comShare vacancy
Copied

Junior Penetration Tester (in Singapore)

About the role:

The internship is the opportunity to join our team of highly professional specialists, get the unique experience and become our permanent member. We offer at least three months paid internship with possible subsequent employment in case of high performance. If you are a recent graduate or a final year-student with the technical background, if you are eager to be a part of cyber security company of the future and ready to disrupt the APAC cyber security market with us, apply for the internship.

Tasks to solve:

  • Perform Penetration Tests and Web-Application Vulnerability Assessments.
  • Generate comprehensive reports based on findings.
  • Provide mitigation strategies and remediation steps.

Apply for this vacancy if you have the following qualifications:

  • Understanding of Web-Application development and common technologies.
  • Understanding of Web-Application vulnerability types(OWASP Top 10).
  • Familiarity with Penetration Testing tools(Metasploit, Burp Suite, nmap, Bloodhound, scanners).
  • Knowledge of popular operating systems, network technologies, network services.
Send your CV to: job@group-ib.comShare vacancy
Copied

Junior Integration/Implementation Engineer (in Singapore)

About the role:

The internship is the opportunity to join our team of highly professional specialists, get the unique experience and become our permanent member. We offer at least three months paid internship with possible subsequent employment in case of high performance. If you are a recent graduate or a final year-student with the technical background, if you are eager to be a part of cyber security company of the future and ready to disrupt the APAC cyber security market with us, apply for the internship.

Tasks to solve:

  • Selection and assembling of hardware appliances for company’s network solutions.
  • Configuring and updating firmware and software.
  • OS deployment, its setup.
  • Delivery of prepared equipment to customers’ sites and its on-site implementation.
  • Technical support of customers, troubleshooting, participating in Q&A of the products.
  • Preparation of internal infrastructure for testing, deployment, updating, troubleshooting and demonstrations of company’s solutions.
  • Completing and updating the knowledge base about owned hardware equipment (hardware and software lifecycle management), software licenses, configurations, warranties, etc.
  • Automating manual tasks.
  • Participating in creation of business processes and pipelines for the integration team.

Apply for this vacancy if you have the following qualifications:

  • Understanding basic concepts of cybersecurity.
  • Understanding of computer architecture.
  • Confident knowledge of networking.
  • Experience of working with Linux: understanding OS architecture, working in CLI (without any GUI), bash scripting skills.
  • Ability to learn continuously.
Send your CV to: job@group-ib.comShare vacancy
Copied

Junior Cyber Security Analyst (in Singapore)

About the role:

The internship is the opportunity to join our team of highly professional specialists, get the unique experience and become our permanent member. We offer at least three months paid internship with possible subsequent employment in case of high performance. If you are a recent graduate or a final year-student with the technical background, if you are eager to be a part of cyber security company of the future and ready to disrupt the APAC cyber security market with us, apply for the internship.

Tasks to solve:

  • Participation with High-Tech Crime Investigation Department in the investigation of cyber incident like phishing, data theft, web server compromising, malware attacks, DDoS, etc.
  • Collecting digital evidence and its analysis: logs, emails, server’s and workstation images.
  • Reconstruction of the incident chronology, TTPs of threat actors and their toolkit.
  • OSINT tasks.
  • Developing of automation tools for logs processing and analysis.
  • Developing a set of measures for incident containing.

Apply for this vacancy if you have the following qualifications:

  • Knowledge and experience in working with OSINT skills.
  • Experience in Windows, Linux.
  • Understanding the work of Internet protocols (SMTP, POP3, IMAP, FTP, HTTP, SSL).
  • Understanding of DNS working principles (domains, Whois, IP addresses).
  • Experience with web hosting and email servers.
  • General understanding of databases, web servers, CMS.
  • Higher education (recent graduates or final year students).
  • Fluent Chinese and English.
Send your CV to: job@group-ib.comShare vacancy
Copied

Junior Cyber Threat Intelligence Analyst (in Singapore)

About the role:

The internship is the opportunity to join our team of highly professional specialists, get the unique experience and become our permanent member. We offer at least three months paid internship with possible subsequent employment in case of high performance. If you are a recent graduate or a final year-student with the technical background, if you are eager to be a part of cyber security company of the future and ready to disrupt the APAC cyber security market with us, apply for the internship.

Tasks to solve:

  • Work with the CTI team and participate in the Cyber threat intelligence lifecycle.
  • Analysis of identified threats, detection of major risks and recommendations, search for additional information.
  • Communicate with owners of resources of illegal content.
  • Developing of automation tools.
  • Participate in investigations related to information security.
  • Perform analysis on campaigns, threat actor TTPs (Tactics, Techniques and Procedures), technical indicators of compromise, cyber-attack trend, and exploitation of technology.

Apply for this vacancy if you have the following qualifications:

  • Degree in Information Security, Computer Science, Engineering, International Relations, Security Studies, Intelligence Studies, or Cyber security (or final-year student).
  • Curious and inquisitive mindset.
  • Critical thinking and contextual analysis abilities.
  • Investigative and analytical problem solving skills.
  • Experience in some programming Python, use of analytics tools, big data sets, scripting python Perl/SQL, ELK and other query languages.
  • Fluent English, Chinese is an advantage.
Send your CV to: job@group-ib.comShare vacancy
Copied

Junior Digital Forensics Specialist (in Singapore)

About the role:

The internship is the opportunity to join our team of highly professional specialists, get the unique experience and become our permanent member. We offer at least three months paid internship with possible subsequent employment in case of high performance. If you are a recent graduate or a final year-student with the technical background, if you are eager to be a part of cyber security company of the future and ready to disrupt the APAC cyber security market with us, apply for the internship.

Tasks to solve:

  • Conduct forensic imaging of computers, tablets, mobile phones and other potential sources of digital evidence.
  • Conduct forensic gathering of RAM, network traffic capture.
  • Process and analyze data with digital forensic tools.
  • Conduct computer forensic investigations followed by writing a report.
  • Collecting critical data that forms part of the eDiscovery process.
  • Support applications specific to eDiscovery.
  • Conduct research into project-related issues.
  • Drafting reports and presentations to explain the findings.
  • Manage inventory of evidence while adhering to chain of custody standard methodologies.
  • Perform other duties as assigned.

Apply for this vacancy if you have the following qualifications:

  • Bachelor’s degree, preferably in Forensic Computing, Computer Science or Computer Security (or final-year student).
  • Knowledge of Digital Forensic Industry standards, chain of custody procedures, forensic methodologies, best practices and evidence handling.
  • Understanding of complex data collection and preservation principles.
  • Understanding of networking concepts and experience in working with networked systems.
  • Understanding of security appliances including but not limited to IDS, IPS, Firewall, and SIEM systems.
  • Understanding of Microsoft Windows and *nix operating systems.
  • Strong attention to detail and high concern for data accuracy;
  • Fluency in English. Bonus for Chinese, or other local languages.
Send your CV to: job@group-ib.comShare vacancy
Copied

Junior Data Analyst (in Singapore)

About the role:

The internship is the opportunity to join our team of highly professional specialists, get the unique experience and become our permanent member. We offer at least three months paid internship with possible subsequent employment in case of high performance. If you are a recent graduate or a final year-student with the technical background, if you are eager to be a part of cyber security company of the future and ready to disrupt the APAC cyber security market with us, apply for the internship.

Tasks to solve:

  • The main area of work is the developing of a text data processing and analysis service (Natural Language Processing).
  • Unloading, exploring and preparation of text corpora (tokenization, lemmatization, filtering).
  • Analyzing the semantic relationship between text data.
  • Text corpora categorization by using probabilistic topic models.
  • Selection of metrics and quality evaluation of the categorization results.
  • Training neural network models for text classification.
  • Developing of services based on the obtained models.
  • Participation in university’s and specialized local conferences.

Apply for this vacancy if you have the following qualifications:

  • Knowledge in the field of probability theory and statistics.
  • Strong analytic skills.
  • Knowledge of Python language.
  • Experience of working with Linux: understanding OS architecture, working in CLI (without any GUI).
  • Ability to learn continuously.
Send your CV to: job@group-ib.comShare vacancy
Copied

Digital Risk Protection Analyst (in Moscow)

About the role:

As a part of Digital Risk Protection team, you will play an important part in protection the clients in the Middle East, helping them even more in fight against online brand abuse.

Tasks to solve:

  • Analytics and monitoring of web resources.
  • Analysis of brand violations in the Internet.
  • Work on phishing, Internet fraud.
  • Communication with owners of illegal content resources.
  • Independent communication and reporting to customers.
  • Analytics and research.

Apply for this vacancy if you have the following qualifications:

  • You have bachelor’s degree or you are a senior student with the opportunity to work full-time.
  • You are a confident user of Windows, Excel.
  • You understand operation principles of networks and the Internet.
  • You have experience in working with hosting centers or domain name registrars what will be your competitive advantage.
  • Responsibility, ability to learn quickly, literacy and accuracy are part of your personal qualities.
  • You are an Arabic speaker, Russian and English on a speaking level.
Send your CV to: job@group-ib.comShare vacancy
Copied

Pre-Sales Manager, Fraud Hunting Platform (in Singapore)

About the role:

You will be located in our Global HQ in Singapore and engage in pre-sales activities within the APAC market for Group-IB product - Fraud Hunting Platform. You will be working with Group-IB clients to deliver deployment and customization of solutions at the Customers site. As a technical advisor to the client, you will ensure successful solutions functioning and sales support to the team.

Tasks to solve:

  • Provide strong client engagement.
  • Formation of customer expectations from the results of services.
  • Preparation of project documentation.
  • Elaboration with customers of the product implementation architecture.
  • Management and control of pre-sale activities.
  • Conduct seminars and training.
  • Delivery, installation and configuration of Group-IB solutions at the Customers site.
  • Ensure the functioning of the solutions on pilots and during the subscription.
  • Technical customer support.

Apply for this vacancy if you have the following qualifications:

  • At least 3 years experience in cybersecurity/fraud prevention pre-sales or 5 years in high-tech IT industries.
  • Knowledge of practical information security (main threats, fraud landscape, vulnerabilities and protection technologies, a common understanding of how a botnet works, what kinds of malware exist, how fraudsters usually operate, and so on).
  • Highly developed technical capability across a wide range of anti-fraud solutions (sessional anti-fraud, transactional anti-fraud).
  • Ability to convey technical information into the business language.
  • Strong understanding of modern (including mobile) operating systems.
  • Strong understanding of modern cryptography.
  • Ready to learn and develop your skills to become a leading expert in the field.

What else we appreciate in our team:

  • Knowledge of network technologies (DNS, DHCP, IP, OSI/ISO, SSL, VPN, etc.).
  • Knowledge of different Operating Systems.
  • Knowledge of the architecture of web, android and iOS applications.
  • Knowledge of web technologies (browsers, web servers, general understanding of HTML/CSS, JS, frameworks, different protocols, etc.).
  • Fluent in any Asian Language.
Send your CV to: job@group-ib.comShare vacancy
Copied

Cyber Investigation Specialist (Hanoi, Vietnam)

About the role:

One of the main tasks of Group-IB is to improve cybersecurity globally. Therefore we’re seeking for a Cyber Investigation Specialist to be based in our Hanoi office. You will be a part of the Investigation Department, helping the team to fight cyber crimes across the APAC market.

Tasks to solve:

  • Monitoring of active cyber criminal groups operating in the APAC region;
  • Collecting threat intelligence about current threats
  • Processing of data about cyber incidents from customers and assisting them in response and data collection;
  • Handling cybersecurity incidents from the customers to identify attackers;
  • Analysis of threat actors network infrastructure;
  • Analysis of communications in Dark Web forums;
  • Forensics analysis of file system images, technical logs (web servers logs, email server logs, network logs etc.), email headers, etc.
  • Preparing of Investigation reports;
  • Consulting of clients in IT, forensics, incident response, cyber investigation questions;
  • Cooperation with law enforcement agencies in the APAC region, with Interpol and regional authorities/regulators responsible for cyber threats monitoring and investigation;
  • Assisting customers in the prosecution process as a technical specialist;
  • Management, training and educating employees of the department in digital forensics, incident response, threat intelligence and cyber investigations;
  • Participation in preparation of educational programs in cyber investigations;
  • Participation in writing articles and research on cyber investigations and digital forensics;
  • Participation in educational events, workshops, conferences;
  • Examining Trends in Cybercrime and Information Security.

Incidents we help investigate

  • Fraud and stealing of funds
  • Hacks and exfiltration of data
  • Attacks with malicious code
  • Phishing attacks
  • Information wars
  • Ransomware attacks
  • Insider attacks
  • Extortion and blackmailing
  • DDoS-attacks, and others.

Apply for this vacancy if you have the following qualifications:

  • Confident knowledge in the field of information security;
  • Strong experience in searching and collecting information from open sources (OSINT);
  • Basic level of Digital forensics;
  • Basic level of Incident response;
  • Deep knowledge of TTPs for the most popular APTs in APAC;
  • Understanding of Threat Intelligence basics;
  • Experience in administering Windows, Linux servers;
  • Working with web technologies: hosting, databases, mail servers, etc.;
  • Interviewing skills for investigation purposes;
  • Critical thinking, proactivity;
  • Ability to scrupulously analyze and organize information;
  • Ability to express your thoughts orally and in writing in a technical manner;
  • Ability to find non-standard solutions to problems.
  • Fluent in English and Vietnamese
Send your CV to: job@group-ib.comShare vacancy
Copied

PR Manager (Global)

About the role:

The main task of the Group-IB PR manager is to establish an impeccable reputation for the company in the international market and to mitigate risks in the regions of operation by improving the company’s information openness and transparency.

WHAT YOU WILL DO:

  • Participate in the creation of Group-IB’s comms strategy and shaping of the current information agenda for the relevant markets in the region.
  • Develop and launch PR campaigns, predict the effect of specific planned events on the company’s reputation.
  • Together with the Threat Intelligence, DFIR and other experts, maintain the corporate blog: create and find new angles for presenting tech content (reports, research papers) for the public.
  • Interact daily with traditional and new media (business, social and political, trade) to promote the company’s technologies, services, and research and other stories related to the company's ecosystem.
  • Work with the Design and Digital teams to create relevant content for Group-IB's own corporate digital assets.
  • Analyse and respond to media queries, including in situations when the agenda changes drastically and the relevant anti-crisis comms must be developed and implemented in a timely manner.
  • Ensure regular issue jumps featuring the company’s key spokespeople.
  • Learn Group-IB’s metrics to measure PR effectiveness of the campaigns, participate in the preparation of PR performance reports.

RELATED FIELDS OF RESPONSIBILITY AND INTERACTION WITH OTHER DEPARTMENTS:

  • Ensure wide coverage of the company’s events in international mass media.
  • Liaison with marketing divisions, using news opportunities (exhibitions, presentations, conferences, etc.) to ensure that the company’s reputation benefits from the attraction of public attention through the media.
  • Cooperate with other divisions concerning PR support issues:
  • Launch of new products and services (marketing, development);
  • Participation in the promotion of PR achievements internally (internal communications);
  • Participation in the implementation of social programs and special corporate projects (internal communications, HR);
  • Preparation of content for the company’s internal media (internal communications).

APPLY FOR THIS VACANCY IF:

  • Share our values and understand our mission — fight against cybercrime
  • Have three or more years of work experience preferably in information security, IT or high-tech industry
  • Able and willing to dive deep into complex topics, analyse them, assess the risks, and give enough attention to details when preparing content for the media and the corporate blog
  • Have necessary skills to communicate with international media and relevant journalists
  • Fluent in both English and Russian
  • Ready to work in a dynamic environment
  • Willing to take responsibility
  • Proactive and creative, because we have no boring tasks
Send your CV to: job@group-ib.comShare vacancy
Copied

Business Development Manager (Delhi, India)

THE ROLE:

You will be located in New Delhi and hunt in your territory, driving new business opportunities by being a spokesperson for Group-IB. You feel comfortable speaking with C-Level executives as well as the most highly skilled threat intelligence or anti-fraud specialists about threat actors such as Anunak, Cobalt, MoneyTaker, Silence, or Fraud Techniques and how to defend against them including credential stuffing, brute force attacks on websites, and bot activity to conduct price-scaping. You will hunt new business and maintain those customers you have by being the go-to man or woman for the above topics.

TASKS TO SOLVE:

  • Develop and manage accounts in your territory
  • Identify, manage, and close multiple opportunities and projects at the same time, develop ourcommercial business in your territory
  • Ensure accurate overview and forecasts of sales activities
  • Develop long-term strategic relationships with key accounts
  • Target, educate, and persuade new customers to use Group-IB products.

APPLY FOR THIS VACANCY IF YOU HAVE THE FOLLOWING QUALIFICATIONS:

  • 5+ years of closing/quota carrying experience in the software industry, preferably within security, extra points for threat intelligence, or an actor-centric cyber security company.
  • BA/BS or equivalent combination of education and experience.
  • Track record of success consistently exceeding overall goals in security technology sales.
  • Entrepreneurial drive and ability to sell creative solutions into new markets.
  • Confidence and track record building a new territory.
  • Comfortable calling at the senior executive level.
  • Highly effective written, presentation, and closing skills.
  • Ability to travel extensively.
  • Dynamic, high-energy self-starter.
  • Experience with information security or threat intelligence is a plus.
Send your CV to: job@group-ib.comShare vacancy
Copied

Business Development Manager (Singapore)

THE ROLE:

You will be located in Singapore and hunt in your territory, driving new business opportunities by being a spokesperson for Group-IB. You feel comfortable speaking with C-Level executives as well as the most highly skilled threat intelligence or anti-fraud specialists about threat actors such as Anunak, Cobalt, MoneyTaker, Silence, or Fraud Techniques and how to defend against them including credential stuffing, brute force attacks on websites, and bot activity to conduct price-scaping. You will hunt new business and maintain those customers you have by being the go-to man or woman for the above topics.

TASKS TO SOLVE:

  • Develop and manage accounts in your territory
  • Identify, manage, and close multiple opportunities and projects at the same time, develop our commercial business in your territory
  • Ensure accurate overview and forecasts of sales activities
  • Develop long-term strategic relationships with key accounts
  • Target, educate, and persuade new customers to use Group-IB products.

APPLY FOR THIS VACANCY IF YOU HAVE THE FOLLOWING QUALIFICATIONS:

  • 5+ years of closing/quota carrying experience in the software industry, preferably within security, extra points for threat intelligence, or an actor-centric cyber security company.
  • BA/BS or equivalent combination of education and experience.
  • Track record of success consistently exceeding overall goals in security technology sales.
  • Entrepreneurial drive and ability to sell creative solutions into new markets.
  • Confidence and track record building a new territory.
  • Comfortable calling at the senior executive level.
  • Highly effective written, presentation, and closing skills.
  • Ability to travel extensively.
  • Dynamic, high-energy self-starter.
  • Experience with information security or threat intelligence is a plus.
Send your CV to: job@group-ib.comShare vacancy
Copied

Content Marketing Manager (Global)

THE ROLE:

As a content marketing manager, you will create great stories that will open up the world of cybersecurity to people, find ways to tell potential and existing clients how to make their work and life safer through our solutions, build the strongest and most recognizable brand of the company as the top experts in cybersecurity. You can work at one of our offices or remotely from EMEA/APAC markets.

TASKS TO SOLVE:

  • Produce high-quality articles, white papers, email campaigns, case studies, presentation content, web copy, and other necessary marketing content.
  • Serve as an exemplary writer, consistent with our company’s tone and mission. You write clean, concise, well-polished copy.
  • Continuously measure and improve content performance; create reports leveraging Google Analytics and social media analytics tools.
  • Build and maintain editorial calendar and written guidelines.
  • Stay up to date with the latest industry trends and customer challenges via personal research and communication with industry analysts in order to build a more effective editorial calendar.
  • Work closely with key stakeholders (i.e. product owners), product managers, and other departments to create effective marketing strategies that properly and consistently articulate the core benefits of our solution portfolio.
  • Coordinate with the design, marketing, and other internal teams to create and review all content and ensure a consistent message.

APPLY FOR THIS VACANCY IF YOU HAVE THE FOLLOWING QUALIFICATIONS:

  • At least 3 years experience in a similar role in high-tech industry.
  • Familiarity with product positioning principles and is ready to prepare a material based on selling points and value propositions provided by your colleagues.
  • Experience working with marketing automation systems (Marketo, Hubspot), Google Analytics would be an advantage.
  • Technical writing experience is a plus.
  • Knowledge and experience of localization best practices.
  • Experience managing content projects, including coordinating with other teams.
  • Independent worker capable of managing multiple deadlines with little supervision.
  • Strong communicator and collaborator; able to work with a variety of teams, possessing excellent written communications skills.
  • Strong interest in cybersecurity technologies.
Send your CV to: job@group-ib.comShare vacancy
Copied

Marketing Specialist

THE ROLE:

In this role, you will be responsible for the design, implementation and execution of field marketing campaigns and events as part of expanding our marketing activities across the APAC market. You will work closely with the APAC and Global Marketing Team and Sales Team to promote lead generation and create upsell opportunities.

TASKS TO SOLVE:

  • Execution of the regional marketing plan in APAC and provide marketing support for the APAC Sales team.
  • Plan and execute of APAC marketing activities, optimize lead flow and ensure accurate andtimely data capture and upload.Localize and produce all marketing collaterals in a timely and accurate manner across APAC
  • Liaise with external agencies and vendors and manage deliverables.
  • Assist in market research and generating go-to-market strategies.Develop creative and innovative ways to maximize marketing opportunities.
  • Monitor and tabulate marketing expenses within given marketing budget
  • Be part of the team that strategies marketing plans and objectives, working closely with FieldMarketing Manager, APAC, Business Development Managers and the global marketing team.

APPLY FOR THIS VACANCY IF YOU HAVE THE FOLLOWING QUALIFICATIONS:

  • 3 years Marketing experience with at least 1 year experience in business-to-business (B2B) environment, high-tech products or services will be preferred.
  • A Bachelor Degree from a reputable local university with good academic achievement.
  • Experience in Marketing Automation Tool such as Marketo Strong project management skills with demonstrated ability to manage multiple programs and priorities across different teams.
  • Strong communication skills, excellent level of written and spoken English.
  • Ability to manage budget and manage multiple priorities under tight project deadlines.
  • Can-do attitude, multitasker and willing to go the extra mile.Strong business acumen, attention to detail and eager to learn.
Send your CV to: job@group-ib.comShare vacancy
Copied

Business Development Manager (Thailand)

ABOUT THE ROLE:

You will be located in Bangkok, Thailand and hunt in your territory, driving new business opportunities by being a spokesperson for Group-IB. You feel comfortable speaking with C-Level executives as well as the most highly skilled threat intelligence or anti-fraud specialists about threat actors such as Anunak, Cobalt, MoneyTaker, Silence, or Fraud Techniques and how to defend against them including credential stuffing, brute force attacks on websites, and bot activity to conduct price-scaping. You will hunt new business and maintain those customers you have by being the go-to man or woman for the above topics.

TASKS TO SOLVE:

  • Develop and manage accounts in your territory
  • Identify, manage, and close multiple opportunities and projects at the same time, develop our commercial business in your territory
  • Ensure accurate overview and forecasts of sales activities
  • Develop long-term strategic relationships with key accounts
  • Target, educate, and persuade new customers to use Group-IB products.

APPLY FOR THIS VACANCY IF YOU HAVE THE FOLLOWING QUALIFICATIONS:

  • 5+ years of closing/quota carrying experience in the software industry, preferably within security, extra points for threat intelligence, or an actor-centric cyber security company.
  • BA/BS or equivalent combination of education and experience.
  • Track record of success consistently exceeding overall goals in security technology sales.
  • Entrepreneurial drive and ability to sell creative solutions into new markets.
  • Confidence and track record building a new territory.
  • Comfortable calling at the senior executive level.
  • Highly effective written, presentation, and closing skills.
  • Ability to travel extensively.
  • Dynamic, high-energy self-starter.
  • Experience with information security or threat intelligence is a plus.
Send your CV to: job@group-ib.comShare vacancy
Copied

Business Development Manager (India)

ABOUT THE ROLE:

You will be located in Mumbai or Bangalore and hunt in your territory, driving new business opportunities by being a spokesperson for Group-IB. You feel comfortable speaking with C-Level executives as well as the most highly skilled threat intelligence or anti-fraud specialists about threat actors such as Anunak, Cobalt, MoneyTaker, Silence, or Fraud Techniques and how to defend against them including credential stuffing, brute force attacks on websites, and bot activity to conduct price-scaping. You will hunt new business and maintain those customers you have by being the go-to man or woman for the above topics.

TASKS TO SOLVE:

  • Develop and manage accounts in your territory
  • Identify, manage, and close multiple opportunities and projects at the same time, develop our commercial business in your territory
  • Ensure accurate overview and forecasts of sales activities
  • Develop long-term strategic relationships with key accounts
  • Target, educate, and persuade new customers to use Group-IB products.

APPLY FOR THIS VACANCY IF YOU HAVE THE FOLLOWING QUALIFICATIONS:

  • 5+ years of closing/quota carrying experience in the software industry, preferably within security, extra points for threat intelligence, or an actor-centric cyber security company.
  • BA/BS or equivalent combination of education and experience.
  • Track record of success consistently exceeding overall goals in security technology sales.
  • Entrepreneurial drive and ability to sell creative solutions into new markets.
  • Confidence and track record building a new territory.
  • Comfortable calling at the senior executive level.
  • Highly effective written, presentation, and closing skills.
  • Ability to travel extensively.
  • Dynamic, high-energy self-starter.
  • Experience with information security or threat intelligence is a plus.
Send your CV to: job@group-ib.comShare vacancy
Copied

Digital Risk Protection Analyst (Vietnam)

ABOUT THE ROLE:

Digital Risk Protection — a technological service designed to detect and eliminate threats to brands on the Internet. We prevent financial and reputational damage caused to businesses by brand abuse, Internet fraud, online piracy, counterfeiting. Now we need you to spread our activities in APAC and help even more clients in the fight against online brand abuse.

TASKS TO SOLVE:

  • Providing service to the largest banks and international companies;
  • Analytics and monitoring of web resources;
  • Detection of brand violations on the Internet;
  • Work against phishing, Internet fraud, illegal trademark usage, copyright violations;
  • Communication with owners of illegal content resources;
  • Clients' support and care;
  • Research

APPLY FOR THIS VACANCY IF YOU HAVE THE FOLLOWING QUALIFICATIONS:

  • You have a bachelors degree or you are a senior student with the opportunity to work full-time (we are ready to consider junior level specialists);
  • You are devoted to fighting cybercrime;
  • You want to work in an international company;
  • You are a confident user of Windows, Excel;
  • You understand operation principles of networks and the Internet;
  • You have experience in working with hosting centers or domain name registrars what will be your competitive advantage;
  • Responsibility, ability to learn quickly, literacy, and accuracy are part of your personal qualities;
  • Ability to work and communicate with remote teams;
  • You speak English and Vietnamese (native) fluently.
Send your CV to: job@group-ib.comShare vacancy
Copied

Pre-Sales Manager (Vietnam)

ABOUT THE ROLE:

You will be located in our Hanoi Office and lead pre-sales activities within the Vietnam market. You will be working with Group-IB clients to deliver deployment and customization of solutions at the Customers site. As a technical advisor to the client you will make sure a successful solutions functioning and sales support to the team.

TASKS TO SOLVE:

  • Provide strong client engagement.
  • Formation of customer expectations from the results of services.
  • Preparation of project documentation.
  • Elaboration with customers of the product implementation architecture.
  • Management and control of pre-sale activities.
  • Conduct seminars and training.
  • Delivery, installation and configuration of Group-IB solutions at
  • the Customers site.
  • Remote deployment and customization of solutions.
  • Ensure the functioning of the solutions on pilots and during the subscription.
  • Technical customer support.

APPLY FOR THIS VACANCY IF YOU HAVE THE FOLLOWING QUALIFICATIONS:

  • At least 3 years experience in Pre-Sales activities in the high-tech industry or 5 years experience in cyber security
  • Knowledge of practical information security (main threats, vulnerabilities and protection technologies, a common understanding of how a botnet works, what kinds of malware exist);
  • Highly developed technical capability across a wide range of cybersecurity products
  • Ability to convey technical information into the business language
  • Strong understanding of modern operating systems.
  • Strong understanding of modern cryptography.
  • Ready to learn and develop your skills to become a leading expert in the field.

WHAT ELSE WE APPRECIATE IN OUR TEAM:

  • Knowledge of network technologies (DNS, DHCP ,IP, OSI/ISO, mail systems, SSL,VPN, SPAN, GRE, VLAN, IDS, IPS, Firewall etc).
  • Knowledge of different Operating Systems.
  • Strong ability to understand and analyze log and network packet data
  • Fluent in English and Vietnamese
Send your CV to: job@group-ib.comShare vacancy
Copied

Report an incident

Get 24/7 incident response assistance from our global team

APAC: +65 3159-3798
Europe: +31 20 226-90-90
EMA: +971 4 508 1605

Thank you for filling out the form! We will get back to you shortly.
Cookies

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

 
Report an incident
All you need to know to #StayCyberSafe