Job Description

🧭 Job Summary + Role Specification

This position is with a leading industry organization, offered under direct payroll.
Responsible for digital forensics, incident response, and breach investigations, focusing on evidence collection, malware analysis, and attack reconstruction across enterprise environments.

📄 Job Description

• Conduct digital forensic investigations (disk, memory, network) 
• Perform incident response and root cause analysis 
• Analyze malware, ransomware, and attack vectors 
• Collect and preserve evidence following forensic standards 
• Correlate logs across SIEM, EDR, and network tools 
• Support legal and compliance investigations 
• Develop DFIR playbooks and automation 

🎯 Roles & Responsibilities

• Perform disk imaging, memory capture, and analysis 
• Investigate alerts escalated from SOC teams 
• Document forensic findings and timelines 
• Analyze logs and artifacts for attack reconstruction 
• Collaborate with legal, IT, and security teams 

🧠 Skills & Technologies

DFIR: Incident Response, Malware Analysis, Threat Hunting
Tools: EnCase, FTK, Autopsy, Volatility, X-Ways
SIEM/EDR: Splunk, Sentinel, CrowdStrike, Defender
Cloud: AWS CloudTrail, Azure Security Center
Networking: TCP/IP, DNS, PCAP, Wireshark
Scripting: Python, PowerShell
Frameworks: MITRE ATT&CK, NIST

✅ Eligibility Criteria

• 3–7 yrs DFIR / incident response experience 
• Strong exposure to forensic tools and investigations 
• Knowledge of networking, OS, and cloud environments 
• Bachelor’s in CS/IT/Cybersecurity 
• Certifications: CHFI, GCFA, GCFE (Preferred)