Skip to main content
Team Member

Jan Hoff

Principal Industrial Incident Responder

Jan Hoff of Dragos
  • • GIAC Certified Network Forensic Analyst, SANS
  • • Offensive Security Certified Professional, Offensive Security
  • • GIAC Certified Forensic Analyst, SANS
  • • IT-Forensiker and EDV-Sachverständiger, modal
  • • Certified Information Security Manager (not maintained), ISACA
  • • ISO/IEC 27001 Lead Auditor, KPMG
  • • Certified Information Systems Auditor (not maintained), ISACA
  • • Certified Ethical Hacker CEH (not maintained), EC-Council
  • • Licensed Penetration Tester LPT (not maintained), EC-Council

Jan Hoff is a Principal Industrial Incident Responder at Dragos, where he focuses on using digital forensics to do incident response and help build new capabilities for detecting attacks.

Prior to joining Dragos, Jan has been protecting critical infrastructures for more than a decade on the defensive and offensive track. He started his career as a consultant and sysadmin for control centers and worked at KPMG as a consultant in national and international projects for German government and private companies. He moved on to work at two of Europe’s major energy companies (RWE and E.ON) defending networks in IT and OT as well as improving the information security organization. Finally, Jan built the Red/Purple Team for IT and OT at E.ON.

Additionally, Jan gives lectures on forensics, incident response, and offensive security at a University of Applied Sciences in Germany.



  • Sc. Wirtschaftsinformatik (Business Computer Science), Carl von Ossietzky Universität Oldenburg
  • Sc. Praktische Informatik (Practical Computer Science), Fernuniversität Hagen

Want Jan’s frontline perspective for an upcoming event or news feature? Send your request to