Cyber Incident Response & Digital Forensics (DFIR)

About

We’re looking for a highly skilled cybersecurity professional to join a fast-paced, 24x7 Cyber Operations environment. This role is ideal for someone who thrives in high-impact situations, brings deep DFIR expertise, and is passionate about strengthening enterprise security posture.

What You’ll Do:

• Lead and support cyber incident investigations, triage, and response activities in a 24x7 operations center
• Perform advanced digital forensics across memory, disk, and system images during active incidents
• Leverage tools such as Splunk, Microsoft Defender, CrowdStrike, and Axiom to analyze threats and drive response efforts
• Translate complex technical findings into clear, actionable insights for executive and non-technical stakeholders
• Partner with infrastructure and business teams to recommend and implement post-incident security improvements
• Contribute to the development of security architecture, standards, and best practices across enterprise environments
• Analyze complex security data to deliver meaningful insights, risk mitigation strategies, and operational enhancements
• Support and optimize enterprise security tooling and detection capabilities

What You Bring:

• Strong experience in digital forensics, incident response, or cybersecurity operations
• Hands-on expertise with leading security tools (Splunk, Defender, CrowdStrike, etc.)
• Proven ability to conduct forensic investigations (memory, disk, image analysis)
• Experience operating in a 24x7 SOC or cyber operations environment
• Excellent communication skills, with the ability to engage both technical and non-technical audiences
• Strong analytical mindset with the ability to manage multiple priorities in high-pressure situations
• Solid understanding of security frameworks, standards, and industry best practices

Nice to Have:

• Splunk certification or equivalent experience
• Exposure to enterprise security architecture and large-scale environments
• Familiarity with NIST, ISO, and continuity of business (COB) principles
• Experience in financial services or large enterprise incident response

This is an opportunity to play a critical role in defending enterprise systems, shaping security strategy, and driving continuous improvement across cybersecurity operations.