Digital Forensics Incident Response Specialist

Marcus Donald are currently looking for a Digital Forensics Incident Response Specialist (DFIR) on an initial 6 month contract with the view to extend. Should you be successful, you will be working for a large and well known financial organisation in London.

This is a 6 month contract position - OUTSIDE IR35!

The teams key role is to provide proactive and effective management of vulnerabilities to reduce the attack surface and improve the overall security posture of the business.

The Threat & Vulnerability Management team proactively gathers information on potential threats against the business in order to deploy countermeasures and detection capability. It also guides in supporting the resolution of advanced or complex security threats and acts as a point of escalation.
The team is skilled in conducting digital forensic investigations.

The DFIR role will Lead on complex forensics investigations providing detailed analysis and reporting in order to aid incident resolution whilst conducting malware analysis to drive understanding of attacks in order to aid future detection & mitigation.

Digital Forensics Incident Response Specialist (DFIR) - The Role:

• The ideal candidate should have a solid technical background within system administration and networking and also a proven track record in security operations and forensics.
• Perform forensic collections of data and conduct detailed forensic analysis tasks such as production of forensic images and reports
• Ability to complete the full end to end digital forensic process
• Continual improvement in the way that forensic investigations are conducted
• Incident Response – Provide real time forensic capability to assist with high profile incidents that require in-depth investigation to identify root cause.
• Recommend post cyber-attack containment, remediation and recovery activities.
• Utilize internal sources to conduct malware analysis resulting in improved threat intelligence on current attack methods.
• Responsible for maintaining and improving the forensics tooling
• Broader overall security related responsibilities as part of a cutting-edge security team
• Keep up to date with the changing process, technologies and legislative changes

Digital Forensics Incident Response Specialist (DFIR) - Job Requirements:

• Must hold relevant qualifications such as: GCFA, GCFE or be able to demonstrate sufficient knowledge relating to digital forensics.
• Deep technical and analytical security skills required and a minimum of 5 years security experience, ideally in a capacity where digital forensics and incident response formed a key part of the role(s) played.
• Must have in-depth understanding of common operating systems
• Must have experience in the technical investigation of cyber-attacks (digital forensics, malware analysis, incident response).
• Excellent knowledge of the cutting-edge industry standard tools digital forensic techniques as well as primary digital forensic examination utilities/software.
• Ability to complete the full end to end digital forensic process.
• Ability to identify, collect, preserve, extract and analyze electronic data from laptops, desktops, mobile devices, servers, cloud environments, backup tapes, and other storage mediums.
• Background in technical investigations, open-source intelligence collection, experience operating in the deep/dark web, and account take-over.
• Self-starter, takes initiative and is self-motivated; Takes ownership of problems, researches and recommends resolutions and sees through to completion.
• Scripting and development of small tactical software solutions desirable

Digital Forensics Incident Response Specialist (DFIR) - Desirable:

• Experience of working in CERT or security operations environments preferred.
• Experience with F-Response and Encase preferable.

If you feel you're suitable for this DFIR role, please apply via this job ad or contact Bobby directly at bcorbyn@marcusdonald.com