Digital Forensics & Incident Response (DFIR)

Job Summary

Provide expert incident response and forensic investigation services within a SOC environment, leading security event management and breach response to protect MSSP customers and internal assets.

Responsibilities

• Lead advanced incident response and forensic investigations for Managed Security Service Provider (MSSP) customers and internal security incidents to minimize impact and restore operations
• Direct containment, eradication, and recovery efforts during security breaches to ensure rapid resolution and system integrity
• Perform comprehensive endpoint, server, and cloud forensic analyses to identify attack vectors and compromised assets
• Conduct root cause analysis and reconstruct cyberattacks to inform prevention strategies and improve security posture
• Analyze malware and memory artifacts to detect and understand threats and support remediation efforts
• Collaborate with breach response teams, legal, and compliance stakeholders to meet regulatory and organizational requirements
• Develop, refine, and maintain incident response (IR) playbooks to enhance response efficiency and effectiveness
• Produce detailed, accurate forensic and incident reports to document findings and support decision-making
• Support continuous improvement of detection capabilities and threat hunting processes to proactively identify emerging threats

Required competencies and certifications

• Possess Degree in Computer Science or equivalent
• At least 2 years of relevant working experience in a Security Operations Center (SOC) environment
• Familiarity with Digital Forensics and Incident Response (DFIR) and Threat Hunting Process Standard Operating Procedures (SOP) and Technical SOP

Preferred competencies and qualifications

• Certification such as GIAC Certified Forensic Analyst (GCFA) or equivalent

To quick apply:
https://jobs.hackertrail.com/hackertrail/job/digital-forensics-and-incident-response-engineer