SOC Analyst – Digital Forensics & Incident Response

About

We are seeking a SOC Analyst – Digital Forensics & Incident Response to perform deep technical investigations, forensic analysis, and malware triage for complex security incidents. This role is critical in identifying root causes and strengthening incident response capabilities.

Key Responsibilities

• Incident Investigation: Conduct advanced analysis of escalated security incidents
• Digital Forensics: Perform evidence collection, preservation, and forensic triage
• Malware Analysis: Investigate suspicious files, processes, and execution patterns
• Threat Correlation: Analyze data across security tools (CrowdStrike, FortiGate, AWS, Cloudflare, Mimecast, Netskope)
• Incident Reconstruction: Build timelines and determine the scope and impact of incidents
• Containment Support: Assist in response actions and coordinate with external forensic teams if needed
• Documentation: Maintain defensible records of findings and evidence handling
• Operational Support: Contribute to 24x7 SOC operations

Qualifications & Requirements

• 5–7 years of experience in SOC/DFIR roles
• Strong expertise in digital forensics, incident response, and malware analysis
• Experience with endpoint, network, and cloud security tools
• Knowledge of host triage, process analysis, and forensic artifacts (Windows/Linux)
• Basic scripting skills (PowerShell/Python) preferred
• Certifications such as GCFA, GCFE, GCIH, CHFI, or SC-200 are preferred