Cybersecurity Incident Response

Cybersecurity Incident Response & Digital Forensics AnalystJob Openings Cybersecurity Incident Response & Digital Forensics AnalystAbout the job Cybersecurity Incident Response & Digital Forensics AnalystCybersecurity Incident Response & Digital Forensics AnalystPosition OverviewWe are seeking a Cybersecurity Incident Response & Digital Forensics Analyst to lead security incident management, conduct digital forensic investigations, and manage the complete incident lifecycle including containment, eradication, and recovery while providing expert forensic analysis to determine attack vectors and attribution.Key ResponsibilitiesLead security incident response activities following established IR procedures and frameworks (NIST 800-61)Perform rapid containment and isolation of compromised systems to prevent lateral movementCoordinate incident response team activities and communicate with stakeholders during active incidentsExecute eradication procedures to remove threats and implement recovery strategies for affected systemsConduct post-incident reviews and lessons learned sessions to improve response capabilitiesPerform digital forensic analysis on compromised systems, networks, and digital evidenceConduct disk imaging, memory analysis, and network traffic examination using forensic toolsAnalyze malware samples, attack techniques, and tactics, techniques, and procedures (TTPs)Reconstruct attack timelines and determine initial compromise vectors and attack progressionPreserve evidence integrity and maintain proper chain of custody for legal proceedingsThreat Analysis & AttributionAnalyze threat intelligence and correlate indicators of compromise (IOCs) with ongoing investigationsConduct threat hunting activities to identify advanced persistent threats and insider threatsPerform behavioral analysis and pattern recognition to identify sophisticated attack campaignsDocument attack methodologies, tools used, and provide attribution assessmentsCollaborate with law enforcement and external threat intelligence sources when appropriateDocumentation & ReportingCreate comprehensive incident reports including technical analysis and business impact assessmentsDocument forensic findings and maintain detailed investigation case filesPrepare executive briefings and technical reports for management and legal teamsDevelop and maintain incident response playbooks and forensic investigation proceduresSupport legal proceedings by providing expert testimony and forensic evidence analysisRequired QualificationsTechnical Skills6+ years experience in cybersecurity incident response and digital forensicsExpert proficiency with forensic tools (EnCase, FTK, Volatility, Autopsy, SIFT, REMnux)Strong knowledge of Windows, Linux, and macOS forensics and system internalsExperience with network forensics, packet analysis, and log correlation techniquesUnderstanding of malware analysis, reverse engineering, and threat hunting methodologiesProficiency in scripting languages (Python, PowerShell) for automation and analysisProven experience managing complex security incidents from detection through recoveryStrong analytical skills for reconstructing attack scenarios and identifying root causesKnowledge of legal and regulatory requirements for digital evidence handlingExperience with threat intelligence platforms and indicators of compromise analysisUnderstanding of compliance frameworks and breach notification requirementsPreferred QualificationsBachelor's degree in Cybersecurity, Computer Science, or related fieldSecurity certifications (GCIH, GCFA, GNFA, CISSP, CISM, CCE)Experience with cloud forensics (AWS, Azure, GCP) and containerized environment investigationsBackground in law enforcement or military cybersecurity operationsKnowledge of threat actor groups, attack frameworks (MITRE ATT&CK), and cyber threat landscape #J-18808-Ljbffr