Senior Digital Forensics Incident Response Analyst

NTT DATA

Location:
South Africa, Johannesburg

Contract Type:
Not provided

Salary:
Not provided

Job Description:

The Senior Information Security Incident Response Analyst leads complex incident investigations and digital forensic analysis for clients across diverse environments. This role focuses on determining root cause and impact, guiding clients through containment and remediation, and clearly communicating technical findings to both technical and executive stakeholders. The analyst serves as a senior escalation point, mentors and trains junior responders, and contributes to maturing team processes, workflows, and response capabilities. They collaborate with internal teams and external partners while maintaining strong, professional client engagement throughout each incident.

Job Responsibility:

  • Investigates security incidents for clients by performing host, disk, memory, network, cloud, and mobile forensics
  • Conducts detailed artifact analysis across Windows, Linux, and macOS systems and reconstructs event timelines using disk images, memory captures, network data, and cloud logs
  • Guides clients through containment, eradication, and recovery activities, providing clear technical recommendations and communications
  • Acts as a senior escalation point for complex incidents and supports the development and mentoring of junior analysts
  • Participates in an on‑call rotation to support urgent, time‑sensitive incident response needs
  • Completes internal and client project work such as tabletop exercises, IR readiness engagements, environment hardening reviews, and forensic assessments
  • Identifies gaps and weaknesses in client environments and provides recommendations to reduce risk and strengthen posture
  • Produces accurate, concise documentation, including investigation notes, status communications, and final reports
  • Collaborates with global DFIR and cyber defense teams and maintains awareness of current threats, tactics, and forensic methodologies

Requirements:

  • Bachelor’s degree or equivalent in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred)
  • Relevant GIAC or equivalent certifications, such as GSEC (Security Essentials), GCIA (Certified Intrusion Analyst) or GCIH (Certified Incident Handler)
  • Significant hands‑on experience in digital forensics and incident response across host, disk, memory, network, cloud, and mobile environments
  • Advanced experience using SIEM, EDR, IDS/IPS, packet analysis utilities, and forensic toolsets in active investigations
  • Advanced ability to analyze network traffic using tools such as Wireshark or tcpdump to distinguish normal and malicious behavior
  • Experience working in cybersecurity consulting, DFIR services, or equivalent technical security roles
  • Minimum of 5 years of experience in the technology information security industry

Nice to have:

Additional DFIR‑related certifications are considered a plus

Additional Information:

Job Posted:
March 03, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Senior Digital Forensics Incident Response Analyst

Senior IT Security Operations Analyst (Aurecon Group)

This will support the IT Security Operations Team through Incident Response and ...
Location: Philippines, Manila
Salary: Not provided
Expiration Date: Until further notice
Employment Type: Fulltime

Requirements:
  • Over 4 years of experience in Cyber Security or similar role
  • Incident Response experience is a must
  • Certification as an Incident Handling/Response Professional, Digital Forensics Professional, Ethical Hacker is a plus
  • Strong sense of responsibility, flexibility, and adaptability to varying requests
  • Demonstrate excellent time management and organizational skills

Job Responsibility:
  • Perform Incident Response activities to manage and mitigate cyber threats
  • Perform first level Digital Forensics to discover and preserve evidence and artifacts
  • Assist to enhance threat hunting with DFIR gathered intelligence
  • Assist to monitor new and emerging threat actors and techniques through threat intelligence and DFIR gathered intelligence
  • Support the IT Security Operations Team through Incident Response and Forensics

What we offer:
  • Flexibility - balance what matters most to you
  • Wellbeing - we prioritise your health
  • Recognition - your impact matters
  • Family - support for modern families and carers
  • Community - give back through volunteering days
  • Career development - learn, lead and shape your career

Senior Information Security Incident Response Analyst (NTT DATA)

The Senior Information Security Incident Response Analyst leads complex incident...
Location: India, Hyderabad
Salary: Not provided
Expiration Date: Until further notice
Employment Type: Fulltime

Requirements:
  • Bachelor’s degree or equivalent in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred)
  • Relevant GIAC or equivalent certifications, such as GSEC (Security Essentials), GCIA (Certified Intrusion Analyst) or GCIH (Certified Incident Handler)
  • Significant hands‑on experience in digital forensics and incident response across host, disk, memory, network, cloud, and mobile environments
  • Advanced experience using SIEM, EDR, IDS/IPS, packet analysis utilities, and forensic toolsets in active investigations
  • Advanced ability to analyze network traffic using tools such as Wireshark or tcpdump to distinguish normal and malicious behavior
  • Experience working in cybersecurity consulting, DFIR services, or equivalent technical security roles
  • Advanced knowledge of digital forensics, including disk and memory image analysis across Windows, Linux, and macOS platforms
  • Strong understanding and experience with network forensics, cloud forensics (Azure, AWS, GCP) and mobile forensics (iOS/Android)
  • Ability to communicate complex technical findings clearly to both technical and non‑technical client stakeholders
  • Strong analytical, critical thinking, and problem‑solving abilities during high‑pressure investigations

Job Responsibility:
  • Investigates security incidents for clients by performing host, disk, memory, network, cloud, and mobile forensics
  • Conducts detailed artifact analysis across Windows, Linux, and macOS systems and reconstructs event timelines using disk images, memory captures, network data, and cloud logs
  • Guides clients through containment, eradication, and recovery activities, providing clear technical recommendations and communications
  • Acts as a senior escalation point for complex incidents and supports the development and mentoring of junior analysts
  • Participates in an on‑call rotation to support urgent, time‑sensitive incident response needs
  • Completes internal and client project work such as tabletop exercises, IR readiness engagements, environment hardening reviews, and forensic assessments
  • Identifies gaps and weaknesses in client environments and provides recommendations to reduce risk and strengthen posture
  • Produces accurate, concise documentation, including investigation notes, status communications, and final reports
  • Collaborates with global DFIR and cyber defense teams and maintains awareness of current threats, tactics, and forensic methodologies

Senior Cyber Incident Response Specialist (Randstad)

This senior, hands-on role offers the chance to lead complex forensic investigat...
Location: Australia, Sydney
Salary: 146197.00 - 154260.00 AUD / Year
Expiration Date: May 20, 2026
Employment Type: Fulltime

Requirements:
  • 4-5+ years in Incident Management and Cyber Security Operations
  • GCIH, GCFA, or similar SANS qualifications are highly preferred
  • Strong forensic expertise and the ability to translate technical data for executives
  • This role requires Australian Citizenship to ensure eligibility for security clearances
  • 4 years experience
  • Incident Response
  • Digital Forensics
  • GCIH
  • GPEN
  • GCFA

Job Responsibility:
  • Lead end-to-end incident investigation, containment, and forensic analysis
  • Coordinate with third-party security partners and manage stakeholder communications
  • Deliver post-incident reporting and mentor junior security analysts
  • Manage security controls and participate in a weekly first responder rotation

What we offer:
  • Hybrid work with only 1 day on-site per week
  • Attractive on-call allowances and overtime pay
  • Lead investigations for a complex ICT environment
  • Supportive team culture with internal promotion paths
  • Mentor junior analysts in a collaborative environment

Senior Application Security Analyst (About You)

We are looking for a Senior Application Security Analyst (m/f/d) to join the Inc...
Location: Germany, Hamburg or Berlin
Salary: 75000.00 - 85000.00 EUR / Year
Expiration Date: Until further notice
Employment Type: Fulltime

Requirements:
  • min. 5+ years of experience in incident response security
  • Background in Cyber Security, Computer Science or IT Operations
  • Experience in incident response, blue teaming or digital forensics in cloud-native environments
  • Able to write scripts and programs to automate tasks in Python or another programming language
  • Proficient with Linux and a SIEM
  • Experience working with web application firewalls, Cloudflare preferred
  • Good communication and presentation skills, can explain technical terms in non-technical language
  • Fluent English skills (spoken & written)

Job Responsibility:
  • Set up and maintain DFIR tools and infrastructure
  • Provide first response during security incidents, including digital forensics and post incident risk mitigation
  • Improve monitoring and scanning tools to detect security issues and automate routine tasks
  • Investigate and respond to security alerts in our systems
  • Create and maintain incident response playbooks
  • Keep an eye on current threats and zero-day vulnerabilities in the cyber security space and implement preventative measures within the organization

What we offer:
  • Hybrid working
  • Fresh fruit every day
  • Sports courses
  • Free access to code.talks
  • Exclusive employee discounts
  • Free drinks
  • Language courses
  • Laracast account for free
  • Company parties
  • Help in the relocation process

Senior Cybersecurity Analyst (Sopra Steria)

We are looking for Senior Cybersecurity Analyst/ Lead Cybersecurity Analyst to j...
Location: Poland, Katowice
Salary: 12000.00 - 16000.00 PLN / Month
Expiration Date: Until further notice
Employment Type: Fulltime

Requirements:
  • Advanced analysis of security incidents in on-premises and cloud environments
  • Ability to create monitoring content for SOC security tools
  • Coordinating incident response activities within the SOC and across other teams
  • Advanced skills in collecting and preserving digital evidence across operating systems
  • Understanding of advanced digital forensics techniques
  • Preparing clear and comprehensive incident reports for stakeholders
  • Integrating threat intelligence into incident analysis and response processes
  • Knowledge of incident response planning and strategy development
  • Awareness of legal and regulatory requirements for incident handling
  • Strong understanding of cloud platforms (e.g., AWS, Azure)

Job Responsibility:
  • Independently conducting in-depth analysis of security incidents for on-premises and cloud infrastructure to identify root causes and potential mitigations
  • Create additional correlation, pivotal or monitoring content to support incident analysis and get updates on ongoing incidents
  • Coordinating incident response efforts within the Cybersecurity Operations Center and with other relevant teams
  • Collecting and preserving digital evidence for forensic analysis
  • Writing new playbooks if needed
  • Incident Reporting
  • Preparing comprehensive incident reports for management and stakeholders
  • Solving problems according to existing report planning
  • Working on different types of alerts (malware, phishing, network)

What we offer:
  • Luxmed
  • Medicover Sport
  • Worksmile
  • educational platforms
  • languages learning platform
  • referral bonus
  • life insurance
  • workation
  • certifications (paid by the company)
  • conferences

Senior SOC Analyst (Dynamic Search Solutions)

We are working with a leading UK IT solutions and managed services provider that...
Location: United Kingdom
Salary: 50000.00 GBP / Year
Expiration Date: Until further notice
Employment Type: Fulltime

Requirements:
  • Strong background in SOC operations, digital forensics, incident response or threat detection
  • Experience leading complex security investigations and responding to high severity incidents
  • Advanced experience working with SIEM platforms, ideally Microsoft Sentinel and Defender XDR
  • Strong KQL knowledge for threat hunting and detection development
  • Experience using scripting languages such as Python or PowerShell for automation
  • Familiarity with digital forensics and investigation tools such as Velociraptor, KAPE or sandbox environments
  • Excellent written and verbal communication skills with the ability to present technical findings clearly
  • Comfortable mentoring junior team members and contributing to team development

Job Responsibility:
  • Incident Response & Forensics: Lead complex security incidents from detection to remediation, coordinate containment, analyse attacker activity, and support client decision-making during high-severity events
  • Threat Hunting & Detection Engineering: Proactively hunt for threats using advanced KQL analytics, tune SIEM/EDR detections, and develop signatures aligned with MITRE ATT&CK
  • Malware Analysis & Reverse Engineering: Perform malware triage and behavioural analysis, using reverse-engineering tools when required
  • Client Reporting & Communication: Produce clear, high-quality investigation reports, timelines, and intelligence summaries for both technical and non-technical audiences
  • SOC Leadership & Continuous Improvement: Contribute to SOC playbooks, mentor junior analysts, support onboarding of new clients, and enhance processes and tooling
  • On-Call Support: Participate in the 24×7 on-call rota to provide expert support during critical incidents

What we offer:
  • Fully remote working across the UK
  • Competitive salary with additional benefits depending on experience
  • Opportunity to work within a mature and well supported Security Operations environment
  • Ongoing professional development and training opportunities
  • Exposure to a wide range of client environments and security challenges
  • Supportive culture with a strong focus on collaboration and continuous improvement

Senior SOC Analyst (Overture Rede)

We are seeking a Senior SOC Analyst to lead advanced security monitoring, incide...
Location: South Africa
Salary: Not provided
Expiration Date: Until further notice
Employment Type: Fulltime

Requirements:
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • 3–5 years of experience in SOC operations, incident response, or advanced security monitoring roles
  • One or more of the following advanced certifications: GIAC GCFA (Forensic Analyst) or GNFA (Network Forensics Analyst); GIAC GCTI (Cyber Threat Intelligence); GIAC GSOC (Security Operations Certified); CREST Registered Intrusion Analyst (CRIA); advanced tool/vendor certifications (e.g., Splunk Enterprise Security Admin, Elastic Security Specialist)
  • Strong expertise in digital forensics, incident handling, and threat intelligence
  • Advanced knowledge of MITRE ATT&CK and threat actor TTPs
  • Proficiency in SIEM query languages (SPL, KQL, Lucene)
  • Experience working in 24×7 enterprise or MSSP SOC environments
  • Strong reporting, documentation, and stakeholder communication skills

Job Responsibility:
  • Lead advanced incident response activities, including containment, eradication, and recovery
  • Perform digital and network forensic investigations to support incident analysis
  • Conduct proactive threat hunting and advanced detection engineering
  • Analyze threat intelligence and correlate with internal security events
  • Design, tune, and optimize SIEM and SOAR use cases and detection rules
  • Serve as an escalation point for complex security incidents
  • Provide mentorship and technical leadership to junior and intermediate SOC analysts
  • Develop SOC playbooks, procedures, and post-incident reports
  • Collaborate with security architecture and risk teams to improve security posture

What we offer:
  • Higher responsibility than junior role
  • Career growth opportunity
  • Strong job security

Senior Security Investigator (Uber)

The CyberSecurity Incident Response team (CIRT) is at the forefront of protectin...
Location: United States, Seattle; San Francisco; Sunnyvale
Salary: 180000.00 - 200000.00 USD / Year
Expiration Date: Until further notice
Employment Type: Fulltime

Requirements:
  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 5+ years of experience in Security Investigations, Incident Response, Threat Hunting, or Digital Forensics within large-scale or high-risk environments.
  • Proven expertise with forensic tooling, log analysis, SIEM platforms, EDR solutions, and cloud investigation workflows (AWS/GCP/Azure).
  • Strong understanding of attacker TTPs, modern threat landscape, and frameworks like MITRE ATT&CK.
  • Hands-on experience building automation using Python, APIs, SOAR, or equivalent frameworks.
  • Ability to lead complex investigations end-to-end and communicate findings effectively to senior leadership.
  • Experience running or contributing to large cross-company security projects.

Job Responsibility:
  • Lead complex security investigations end-to-end and perform deep forensic analysis across endpoints, cloud environments, identity systems, networks, and application logs to uncover root cause and attack paths.
  • Own and build automation and tooling to accelerate evidence collection, log enrichment, triage workflows, and decision-making at global scale.
  • Improve detection and response capabilities by partnering with Threat Intelligence, Detection Engineering, and Platform teams.
  • Lead major cross-functional security initiatives that strengthen investigative readiness, digital forensics, cloud incident response, and threat-hunting capabilities.
  • Mentor and develop investigators and analysts, providing technical guidance, reviewing casework, and elevating investigative rigor.
  • Continuously evolve investigation methodology by analyzing trends, identifying gaps, and embedding lessons learned back into the security ecosystem.

What we offer:
  • Eligible to participate in Uber's bonus program
  • May be offered an equity award and other types of compensation
  • Eligible for various benefits (details at provided link)