Digital Forensics Incident Responder (DFIR)

Our client requires a proficient Digital Forensics and Incident Responder to strengthen their Cyber Defence operations. This position centers on examining security events, carrying out detailed forensic reviews, and improving overall threat detection mechanisms.

Key Responsibilities

• Direct the handling of security incidents, covering isolation, removal of threats, and system restoration.
• Analyse endpoints, networks, and servers using specialised software like EnCase, FTK, Volatility, or similar platforms.
• Determine the underlying causes of events, prepare detailed summaries with improvement suggestions, and coordinate with monitoring and intelligence units.
• Refine response guidelines, documentation, and support ongoing threat evaluations.

Requirements

• Degree in Computer Science, Cybersecurity, or a comparable area.
• At least 3 years in incident handling, forensic investigations, or related security work, with skills in SIEM platforms like Splunk or QRadar, endpoint tools, and log examination.
• Familiarity with malware examination, traffic patterns, scripting languages such as Python or PowerShell, and common attack methods.
• Preferred qualifications include certifications like GCFA, GCIH, or GCFE, alongside strong problem-solving and reporting abilities.

EA Licence: 16S8091

EA Reg No.: R1656500