Senior Digital Forensic and Incident Response Analyst – Home based at Remote

Cyber threats are becoming more regular and more sophisticated, we need your help to combat these cyber incidents! A well-known Consultancy client is looking for an experienced Digital Forensic Incident Response consultant to join their growing team.  The ideal candidate will possess expertise in investigating cyber incidents, mitigating threats, and implementing proactive measures. Proficiency in handling DDoS attacks, coupled with a keen understanding of threat intelligence, is essential.

Role duties:

• Using a variety of forensic tools and manual techniques to conducting forensic acquisition on hardware and software solutions.
• Lead Investigations and response to incidents related to DDoS attacks, good understanding of WAF and Firewall capabilities.
• Maintain internal incident response plans, playbooks, and procedures for effective handling of security incidents
• Utilise knowledge of system administration and networking to lead mitigation and containment strategies during an active incident.
• Conducting triage of forensic evidence and taking structured notes in a digital forensic lab environment.
• Conducting forensic acquisition and triage review of Network and Operating system technologies.

Required Skills:

• Proven experience in digital forensics and incident response.
• Strong background in system administration and networking.
• Ability to conduct manual forensic analysis using commercial and open source tools
• Understanding Incident Response and Forensics of networking technologies – TCP/IP, Common protocols (HTTP, FTP, SSH etc), Common ports, VPN and Remote Access Technologies
• Memory forensics and conducting malware analysis using tools such as Volatility.
• Understanding of specific platform technologies and how the forensic + incident response processes apply.

Desirable Certifications:

• GIAC – Certified Incident Handler
• GCFE – GIAC Certified Forensic Examiner
• GCFA – GIAC Certified Forensic Analyst 
• Any offensive security certification like OSCP would be considered a plus

We would encourage candidates who don’t hold these certifications but have strong technical background with manual forensics skills and are looking to develop your DFIR skill set to apply for the role.