
Senior Digital Forensics Incident Response Analyst

NTT DATA

Location:
South Africa, Johannesburg

Contract Type:
Not provided

Salary:
Not provided

Job Description:

The Senior Information Security Incident Response Analyst leads complex incident investigations and digital forensic analysis for clients across diverse environments. This role focuses on determining root cause and impact, guiding clients through containment and remediation, and clearly communicating technical findings to both technical and executive stakeholders. The analyst serves as a senior escalation point, mentors and trains junior responders, and contributes to maturing team processes, workflows, and response capabilities. They collaborate with internal teams and external partners while maintaining strong, professional client engagement throughout each incident.

Job Responsibility:

  • Investigates security incidents for clients by performing host, disk, memory, network, cloud, and mobile forensics
  • Conducts detailed artifact analysis across Windows, Linux, and macOS systems and reconstructs event timelines using disk images, memory captures, network data, and cloud logs
  • Guides clients through containment, eradication, and recovery activities, providing clear technical recommendations and communications
  • Acts as a senior escalation point for complex incidents and supports the development and mentoring of junior analysts
  • Participates in an on‑call rotation to support urgent, time‑sensitive incident response needs
  • Completes internal and client project work such as tabletop exercises, IR readiness engagements, environment hardening reviews, and forensic assessments
  • Identifies gaps and weaknesses in client environments and provides recommendations to reduce risk and strengthen posture
  • Produces accurate, concise documentation, including investigation notes, status communications, and final reports
  • Collaborates with global DFIR and cyber defense teams and maintains awareness of current threats, tactics, and forensic methodologies

Requirements:

  • Bachelor’s degree or equivalent in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred)
  • Relevant GIAC or equivalent certifications such as: GSEC – Security Essentials; GCIA – Certified Intrusion Analyst; GCIH – Certified Incident Handler
  • Significant hands‑on experience in digital forensics and incident response across host, disk, memory, network, cloud, and mobile environments
  • Advanced experience using SIEM, EDR, IDS/IPS, packet analysis utilities, and forensic toolsets in active investigations
  • Advanced ability to analyze network traffic using tools such as Wireshark or tcpdump to distinguish normal and malicious behavior
  • Experience working in cybersecurity consulting, DFIR services, or equivalent technical security roles
  • Minimum of 5 years of experience in the technology information security industry

Nice to have:

Additional DFIR‑related certifications are considered a plus

Additional Information:

Job Posted:
March 03, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Senior Digital Forensics Incident Response Analyst

Senior IT Security Operations Analyst

This will support the IT Security Operations Team through Incident Response and ...
Location:
Philippines, Manila
Salary:
Not provided
Aurecon Group
Expiration Date:
Until further notice
Requirements:
  • Over 4 years of experience in Cyber Security or similar role
  • Incident Response experience is a must
  • Certification as an Incident Handling/ Response Professional, Digital Forensics Professional, Ethical Hacker is a plus
  • Strong sense of responsibility, flexibility, and adaptability to varying requests
  • Demonstrate excellent time management and organizational skills
Job Responsibility:
  • Perform Incident Response activities to manage and mitigate cyber threats
  • Perform first level Digital Forensics to discover and preserve evidence and artifacts
  • Assist in enhancing threat hunting with DFIR-gathered intelligence
  • Assist in monitoring new and emerging threat actors and techniques through threat intelligence and DFIR-gathered intelligence
  • Support the IT Security Operations Team through Incident Response and Forensics
What we offer:
  • Flexibility - balance what matters most to you
  • Wellbeing - we prioritise your health
  • Recognition - your impact matters
  • Family - support for modern families and carers
  • Community - give back through volunteering days
  • Career development - learn, lead and shape your career
Employment Type:
Fulltime

Senior Information Security Incident Response Analyst

The Senior Information Security Incident Response Analyst leads complex incident...
Location:
India, Hyderabad
Salary:
Not provided
NTT DATA
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree or equivalent in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred)
  • Relevant GIAC or equivalent certifications such as: GSEC – Security Essentials; GCIA – Certified Intrusion Analyst; GCIH – Certified Incident Handler
  • Significant hands‑on experience in digital forensics and incident response across host, disk, memory, network, cloud, and mobile environments
  • Advanced experience using SIEM, EDR, IDS/IPS, packet analysis utilities, and forensic toolsets in active investigations
  • Advanced ability to analyze network traffic using tools such as Wireshark or tcpdump to distinguish normal and malicious behavior
  • Experience working in cybersecurity consulting, DFIR services, or equivalent technical security roles
  • Advanced knowledge of digital forensics, including disk and memory image analysis across Windows, Linux, and macOS platforms
  • Strong understanding and experience with network forensics, cloud forensics (Azure, AWS, GCP) and mobile forensics (iOS/Android)
  • Ability to communicate complex technical findings clearly to both technical and non‑technical client stakeholders
  • Strong analytical, critical thinking, and problem‑solving abilities during high‑pressure investigations
Job Responsibility:
  • Investigates security incidents for clients by performing host, disk, memory, network, cloud, and mobile forensics
  • Conducts detailed artifact analysis across Windows, Linux, and macOS systems and reconstructs event timelines using disk images, memory captures, network data, and cloud logs
  • Guides clients through containment, eradication, and recovery activities, providing clear technical recommendations and communications
  • Acts as a senior escalation point for complex incidents and supports the development and mentoring of junior analysts
  • Participates in an on‑call rotation to support urgent, time‑sensitive incident response needs
  • Completes internal and client project work such as tabletop exercises, IR readiness engagements, environment hardening reviews, and forensic assessments
  • Identifies gaps and weaknesses in client environments and provides recommendations to reduce risk and strengthen posture
  • Produces accurate, concise documentation, including investigation notes, status communications, and final reports
  • Collaborates with global DFIR and cyber defense teams and maintains awareness of current threats, tactics, and forensic methodologies
Employment Type:
Fulltime

Senior Cybersecurity Analyst/ Lead Cybersecurity Analyst

We are looking for Senior Cybersecurity Analyst/ Lead Cybersecurity Analyst to j...
Location:
Poland, Katowice
Salary:
12000.00 - 16000.00 PLN / Month
Sopra Steria
Expiration Date:
Until further notice
Requirements:
  • Advanced analysis of security incidents in on-premises and cloud environments
  • Ability to create monitoring content for SOC security tools
  • Coordinating incident response activities within the SOC and across other teams
  • Advanced skills in collecting and preserving digital evidence across operating systems
  • Understanding of advanced digital forensics techniques
  • Preparing clear and comprehensive incident reports for stakeholders
  • Integrating threat intelligence into incident analysis and response processes
  • Knowledge of incident response planning and strategy development
  • Awareness of legal and regulatory requirements for incident handling
  • Strong understanding of cloud platforms (e.g., AWS, Azure)
Job Responsibility:
  • Independently conducting in-depth analysis of security incidents for on-premises and cloud infrastructure to identify root causes and potential mitigations
  • Create additional correlation, pivotal or monitoring content to support incident analysis and get updates on ongoing incidents
  • Coordinating incident response efforts within the Cybersecurity Operations Center and with other relevant teams
  • Collecting and preserving digital evidence for forensic analysis
  • Writing new playbooks if needed
  • Incident Reporting
  • Preparing comprehensive incident reports for management and stakeholders
  • Solving problems according to existing report planning
What we offer:
  • Luxmed
  • Medicover Sport
  • Worksmile
  • educational platforms
  • languages learning platform
  • referral bonus
  • life insurance
  • workation
  • certifications (paid by the company)
  • conferences
Employment Type:
Fulltime

Senior Application Security Analyst

We are looking for a Senior Application Security Analyst (m/f/d) to join the Inc...
Location:
Germany, Hamburg or Berlin
Salary:
75000.00 - 85000.00 EUR / Year
About You
Expiration Date:
Until further notice
Requirements:
  • min. 5+ years of experience in incident response security
  • Background in Cyber Security, Computer Science or IT Operations
  • Experience in incident response, blue teaming or digital forensics in cloud-native environments
  • Able to write scripts and programs to automate tasks in Python or another programming language
  • Proficient with Linux and a SIEM
  • Experience working with web application firewalls, Cloudflare preferred
  • Good communication and presentation skills, can explain technical terms in non-technical language
  • Fluent English skills (spoken & written)
Job Responsibility:
  • Set up and maintain DFIR tools and infrastructure
  • Provide first response during security incidents, including digital forensics and post incident risk mitigation
  • Improve monitoring and scanning tools to detect security issues and automate routine tasks
  • Investigate and respond to security alerts in our systems
  • Create and maintain incident response playbooks
  • Keep an eye on current threats and zero-day vulnerabilities in the cyber security space and implement preventative measures within the organization
What we offer:
  • Hybrid working
  • Fresh fruit every day
  • Sports courses
  • Free access to code.talks
  • Exclusive employee discounts
  • Free drinks
  • Language courses
  • Laracast account for free
  • Company parties
  • Help in the relocation process
Employment Type:
Fulltime

Senior Cybersecurity Analyst

We are looking for Senior Cybersecurity Analyst/ Lead Cybersecurity Analyst to j...
Location:
Poland, Katowice
Salary:
12000.00 - 16000.00 PLN / Month
Sopra Steria
Expiration Date:
Until further notice
Requirements:
  • Advanced analysis of security incidents in on-premises and cloud environments
  • Ability to create monitoring content for SOC security tools
  • Coordinating incident response activities within the SOC and across other teams
  • Advanced skills in collecting and preserving digital evidence across operating systems
  • Understanding of advanced digital forensics techniques
  • Preparing clear and comprehensive incident reports for stakeholders
  • Integrating threat intelligence into incident analysis and response processes
  • Knowledge of incident response planning and strategy development
  • Awareness of legal and regulatory requirements for incident handling
  • Strong understanding of cloud platforms (e.g., AWS, Azure)
Job Responsibility:
  • Independently conducting in-depth analysis of security incidents for on-premises and cloud infrastructure to identify root causes and potential mitigations
  • Create additional correlation, pivotal or monitoring content to support incident analysis and get updates on ongoing incidents
  • Coordinating incident response efforts within the Cybersecurity Operations Center and with other relevant teams
  • Collecting and preserving digital evidence for forensic analysis
  • Writing new playbooks if needed
  • Incident Reporting
  • Preparing comprehensive incident reports for management and stakeholders
  • Solving problems according to existing report planning
  • Working on different types of alerts (malware, phishing, network)
What we offer:
  • Luxmed
  • Medicover Sport
  • Worksmile
  • educational platforms
  • languages learning platform
  • referral bonus
  • life insurance
  • workation
  • certifications (paid by the company)
  • conferences
Employment Type:
Fulltime

Senior SOC Analyst

We are seeking a Senior SOC Analyst to lead advanced security monitoring, incide...
Location:
South Africa, South Africa
Salary:
Not provided
Overture Rede
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • 3–5 years of experience in SOC operations, incident response, or advanced security monitoring roles
  • One or more of the following advanced certifications: GIAC GCFA (Forensic Analyst) or GNFA (Network Forensics Analyst); GIAC GCTI (Cyber Threat Intelligence); GIAC GSOC (Security Operations Certified); CREST Registered Intrusion Analyst (CRIA); advanced tool/vendor certifications (e.g., Splunk Enterprise Security Admin, Elastic Security Specialist)
  • Strong expertise in digital forensics, incident handling, and threat intelligence
  • Advanced knowledge of MITRE ATT&CK and threat actor TTPs
  • Proficiency in SIEM query languages (SPL, KQL, Lucene)
  • Experience working in 24×7 enterprise or MSSP SOC environments
  • Strong reporting, documentation, and stakeholder communication skills
Job Responsibility:
  • Lead advanced incident response activities, including containment, eradication, and recovery
  • Perform digital and network forensic investigations to support incident analysis
  • Conduct proactive threat hunting and advanced detection engineering
  • Analyze threat intelligence and correlate with internal security events
  • Design, tune, and optimize SIEM and SOAR use cases and detection rules
  • Serve as an escalation point for complex security incidents
  • Provide mentorship and technical leadership to junior and intermediate SOC analysts
  • Develop SOC playbooks, procedures, and post-incident reports
  • Collaborate with security architecture and risk teams to improve security posture
What we offer:
  • Higher responsibility than junior role
  • Career growth opportunity
  • Strong job security
Employment Type:
Fulltime

Engineer III - Cyber Incident Response

The Engineer III, Cyber Incident Response, is a senior technical role within the...
Location:
United States, Conshohocken; Remote
Salary:
Not provided
Cencora
Expiration Date:
March 23, 2026
Requirements:
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent work experience
  • Master’s degree preferred
  • Strong knowledge of incident response methodologies, digital forensics, and adversary tactics
  • Familiarity with security frameworks such as NIST, MITRE ATT&CK, and ISO 27035
  • 5–7 years of progressive experience in cybersecurity, with at least 3 years in incident response or SOC operations
  • Hands-on experience with SIEM, EDR, SOAR, and forensic tools (e.g., Splunk, CrowdStrike, EnCase, Wireshark)
  • Proven ability to investigate advanced threats and coordinate response activities across teams
  • Demonstrated success in mentoring junior analysts and improving SOC processes
  • Strong written and verbal communication skills with the ability to document and present technical findings clearly
Job Responsibility:
  • Lead the investigation and resolution of complex security incidents, including advanced persistent threats, ransomware, phishing campaigns, and insider activities
  • Perform forensic analysis across endpoints, networks, and cloud environments to identify root causes and scope of compromise
  • Develop and enhance incident response playbooks, runbooks, and detection use cases
  • Collaborate with threat intelligence, vulnerability management, and countermeasures teams to strengthen defenses
  • Escalate high-severity incidents to senior leadership and provide clear, actionable reporting
  • Act as a technical escalation point for Engineer I/II analysts during incident investigations
  • Contribute to red team and purple team exercises to validate and improve response capabilities
  • Participate in after-action reviews and lessons-learned sessions to improve SOC processes
  • Mentor and train junior engineers on incident response best practices and investigative techniques
What we offer:
  • medical
  • dental
  • vision care
  • comprehensive suite of benefits focusing on physical, emotional, financial, and social aspects of wellness
  • support for working families
  • backup dependent care
  • adoption assistance
  • infertility coverage
  • family building support
  • behavioral health solutions
Employment Type:
Fulltime

Senior Security Investigator

The CyberSecurity Incident Response team (CIRT) is at the forefront of protectin...
Location:
United States, Seattle; San Francisco; Sunnyvale
Salary:
180000.00 - 200000.00 USD / Year
Uber
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 5+ years of experience in Security Investigations, Incident Response, Threat Hunting, or Digital Forensics within large-scale or high-risk environments.
  • Proven expertise with forensic tooling, log analysis, SIEM platforms, EDR solutions, and cloud investigation workflows (AWS/GCP/Azure).
  • Strong understanding of attacker TTPs, modern threat landscape, and frameworks like MITRE ATT&CK.
  • Hands-on experience building automation using Python, APIs, SOAR, or equivalent frameworks.
  • Ability to lead complex investigations end-to-end and communicate findings effectively to senior leadership.
  • Experience running or contributing to large cross-company security projects.
Job Responsibility:
  • Lead complex security investigations end-to-end and perform deep forensic analysis across endpoints, cloud environments, identity systems, networks, and application logs to uncover root cause and attack paths.
  • Own and build automation and tooling to accelerate evidence collection, log enrichment, triage workflows, and decision-making at global scale.
  • Improve detection and response capabilities by partnering with Threat Intelligence, Detection Engineering, and Platform teams.
  • Lead major cross-functional security initiatives that strengthen investigative readiness, digital forensics, cloud incident response, and threat-hunting capabilities.
  • Mentor and develop investigators and analysts, providing technical guidance, reviewing casework, and elevating investigative rigor.
  • Continuously evolve investigation methodology by analyzing trends, identifying gaps, and embedding lessons learned back into the security ecosystem.
What we offer:
  • Eligible to participate in Uber's bonus program
  • May be offered an equity award & other types of comp
  • Eligible for various benefits (details at provided link)
Employment Type:
Fulltime