Senior Associate, Digital Forensics and Incident Response (DFIR)

Overview

A leading tech-enabled digital intelligence, investigation, and risk advisory firm is looking to appoint a Senior Associate, Digital Forensics and Incident Response (DFIR).

The firm is seeking a dynamic new team member to help grow its Digital Forensics & Incident Response (DFIR) services. The firm has built a world class DFIR capability over the past several years and is looking to hire a Senior Associate with experience from the public and/or private sector to build on the teams success and help it innovate.

Key Responsibilities

• Leading and/or supporting investigations into cybersecurity incidents, including ransomware, data breaches, and insider threats.
• Performing incident triage, forensic analysis, malware examination, and log review to identify the root cause and scope of compromise.
• Conducting forensic imaging and analysis of endpoints, servers, cloud environments, and mobile devices.
• Preserving and analyzing digital evidence in line with legal and regulatory requirements.
• Extracting, correlating, and interpreting data from multiple sources to reconstruct attack timelines.
• Documenting methodologies and findings to support potential litigation, regulatory inquiries, or internal reviews.

Skills, Knowledge & Experience

• Candidates will have approximately three (3) to five (5) years of experience in digital forensics, incident response, or a related field.
• Strong technical background in digital forensics tools (e.g., Magnet Axiom, EnCase, FTK, Cellebrite, XWays, etc.) and incident response, EDR, and cybersecurity platforms, as well as cloud-based environments (M365, G-Suite, AWS, etc.).
• Proficiency in handling a variety of operating systems (e.g., Linux, Windows, Mac, iOS, virtual machines, etc.) and file systems (e.g., FAT, NTFS, EXT, etc.). Must be familiar with digital evidence collection from a variety of sources.
• Proficiency in data and log file analysis and analytics tools such as SQL, Python, Tableau, Splunk, and Excel.
• Candidates must have exceptional communication, analytical, and interpersonal skills.
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.

Relevant Certifications

• Certified Computer Examiner (CCE)
• Certified Information Systems Security Professional (CISSP)
• Certified Incident Handler (GCIH)
• Certified Forensic Computer Examiner (CFCE)
• Other relevant certifications in DFIR or cybersecurity.