Forensic Team Lead

Confirmed live in the last 24 hours

Superbet

Belgium; Croatia; Netherlands; Romania; Spain

On-site

Posted April 9, 2026

Job Description

It’s an exciting time to join us! We’re entering new markets, developing new technologies, and moving step by step towards our goal of exciting the world. As our business grows, the number of exciting people initiatives grows with it, and we’re looking for a new colleague to partner with our team to bring these to life.

Forensic Team Lead

The Mission

We are not looking for someone who simply monitors dashboards or waits for alerts.

We are looking for a highly experienced Forensics Team Lead who has a proven track record of identifying and investigating sophisticated cyber threats in real-world environments. In this role, you will lead a specialized forensics function, operating at the core of our cloud-native infrastructure to proactively detect, investigate, and neutralize advanced adversaries.

You will go beyond tools and predefined alerts—leveraging raw data, custom analysis, and forward-thinking strategies to stay ahead of attackers.

What You’ll Do

Lead & Build:
Establish and lead the digital forensics function. Build and mentor a high-performing team of investigators, setting standards for excellence and rigor.
Proactive Threat Hunting:
Conduct advanced threat hunting activities across cloud environments to detect sophisticated attacks, including APTs and stealth intrusions.
Retrospective Analysis:
Perform deep historical investigations for newly discovered vulnerabilities, validating whether they were previously exploited and assessing potential impact.
Data-Driven Investigations:
Analyze diverse data sources such as VPC flow logs, audit trails, and system artifacts. Adapt to new data formats and scenarios without relying solely on vendor tooling.
Incident Response Leadership:
Lead forensic investigations during active security incidents, transforming complex data into clear insights and actionable response plans.
Automation & Innovation:
Develop and leverage automation (e.g., Python, AI-driven tooling) to streamline forensic workflows and enhance investigative capabilities.

Your Profile (Must-Have Qualifications)

Extensive Forensics Experience:
5+ years in digital forensics, incident response, or threat hunting, with a demonstrated ability to uncover and investigate complex security incidents.
Cloud Security Expertise:
Strong experience investigating security events in cloud environments, including working with audit logs, identity systems, and infrastructure telemetry.
Technical & Coding Skills:
Proficiency in scripting or programming (e.g., Python) to build custom tools, automate analysis, and handle non-standard data formats.
Analytical Mindset:
Ability to think critically and approach problems from an attacker’s perspective, identifying hidden patterns and potential attack paths.
Deep Investigation Approach:
Treat vulnerabilities as potential incidents—conducting thorough historical analysis to confirm whether exploitation has occurred.
Leadership Under Pressure:
Proven ability to lead teams during high-pressure situations, maintaining clarity, focus, and effective decision-making.

What Makes You Stand Out

You approach every situation with a “assume compromise until proven otherwise” mindset
You rely on evidence and verifiable insights, not assumptions
You are skilled in timeline reconstruction and root cause analysis
<