- Experience: 1+ yrs
- Salary: —
- Openings: 1
- Posted: 9 hours ago
- Work mode: In office
- Education: Not specified
- Eligibility: Early-career candidates with at least 1 year of relevant technical experience and a genuine interest in incident response are encouraged to apply. Applicants who have developed their skills through work, self-study, labs, CTFs, community involvement, or adjacent technical roles are suitable, provid…
- Resume: Required to apply
Job description
About the Company
Blackpanda is a cyber incident response specialist and a Lloyd's of London–accredited insurance coverholder, serving organisations across Asia with complete digital emergency support. The firm combines preparation, response, and insurance through its Assurance-to-Insurance approach, helping clients reduce both financial loss and operational disruption after a cyberattack.
The company offers consulting, response assurance subscriptions, and cyber insurance, all delivered by local specialists who work together to support organisations from breach through recovery. Its broader goal is to provide cyber peace of mind across Asia.
Working Style
Blackpanda operates as a technology-enabled services team with strong use of AI and a focus on speed, scale, and better outcomes. Team members are given approved tools, expected to own results, and encouraged to value practical thinking, initiative, and useful ideas over bureaucracy.
Role Overview
This position is for a Junior Incident Responder who will work with senior responders during live cyber incidents. The role is hands-on and delivery-oriented: you will help contain attacks, support investigations, and assist in recovery while building your skills through close mentorship.
The company values attitude and learning ability as much as prior experience. Candidates do not need to have seen every scenario already, but they should show strong curiosity, a willingness to be coached, and a serious interest in incident response through work, personal projects, study, or community involvement.
Key Responsibilities
- Support senior consultants during active incidents by helping with containment, evidence handling, forensic work, and reporting.
- Collect and review forensic data from Windows, Linux, macOS, and cloud systems with guidance from experienced team members.
- Examine logs, endpoint data, network information, and malware-related artifacts, then help build investigation timelines.
- Use scripting in Python, Bash, or PowerShell to support data collection, parsing, and automation tasks when needed.
- Prepare clear and accurate documentation, including sections for client reports under senior review.
- Maintain a composed and professional approach in client interactions, even in high-pressure situations.
- Follow operating procedures, chain-of-custody rules, and quality standards as part of the team workflow.
- Take responsibility for your own learning by asking questions, applying feedback, and improving quickly.
- Join training sessions, exercises, and on-the-job mentoring designed to strengthen incident response skills.
- Share observations and improvement ideas with the team, regardless of seniority.
Requirements
- At least 1 year of experience in cybersecurity, IT, or a related technical area such as SOC operations, system administration, helpdesk, network engineering, or software engineering.
- A clear and genuine interest in incident response, shown through study, side projects, CTFs, home labs, community work, or previous roles.
- Comfort using at least one major operating system among Windows, Linux, or macOS, plus the willingness to build capability across all three.
- Basic scripting knowledge in Python, Bash, or PowerShell, with the ability to read and adapt scripts and continue improving.
- Strong written and spoken English skills for note-taking, reporting, and professional communication with teammates and clients.
- A coachable, curious, and resilient mindset with the ability to learn from mistakes and keep improving.
- Ability to stay calm under pressure and present professionally in client-facing situations.
Preferred Qualifications
- Progress toward, or completion of, a relevant certification such as Security+, Network+, GCIH, GCFA, GFACT, CEH, or BTL1.
- Hands-on exposure to EDR, SIEM, or forensic tools, even if gained in a learning environment.
- Involvement in CTFs, security communities, open-source work, or personal lab projects.
- Experience in a related field such as IT operations, SOC, sysadmin, network engineering, software engineering, or intelligence analysis, with a desire to move into incident response.
- Knowledge of additional languages useful for the regions served by Blackpanda.
Growth and Team Environment
From the first day, you will be paired with senior responders on real engagements and supported through direct mentorship and structured instructor-led training. This is intended to be a guided development path rather than a sink-or-swim setup.
You will also work with a diverse, international team where work quality, character, and contribution matter most. Learning by trying is encouraged, and not trying at all is not.
Why This Role May Appeal to You
This opportunity is suited to someone early in their career who wants to build practical incident response experience under experienced professionals who are invested in helping them grow. The company is looking for the right mindset, strong potential, and readiness to learn by doing.
Leveling Note
Although the posting carries one job title, hiring may span several seniority levels. The final designation, which may be DFIR Analyst, DFIR Specialist, or a similar level, will depend on the depth and range of cybersecurity and incident response experience shown during the interview process. Candidates whose experience sits near the boundary between levels are encouraged to apply.