Digital Forensic Investigator

Job Description

Qualifications & Experience: Minimum of 2 years of hands-on experience in digital forensics, cybercrime investigations, or related technical fields. Exposure across both public and private sectors is preferred. Proven expertise in identifying, containing, mitigating, and recovering from cybersecurity incidents, with strong post-incident reporting capabilities. Demonstrated ability to independently develop and continuously improve skills in Digital Forensics, DFIR methodologies, and evolving cybersecurity trends. In-depth knowledge of forensic best practices, industry standards, and investigative methodologies for both host-based and network-level analysis. Proficient in the forensic preservation of digital evidence across a variety of platforms in a forensically sound and defensible manner. Familiarity with internationally recognized digital evidence acquisition and handling standards (e.g., NIST, ISO 27037). Hands-on experience with forensic tools and techniques supporting internal investigations, such as employee misconduct or data exfiltration cases. Experience serving as an escalation point for suspected security incidents or intrusions, including initial triage and scoping. Proficient with endpoint detection and response (EDR) tools and live forensics techniques. Practical knowledge of forensic analysis on multiple operating systems: Windows, macOS, and Linux. Strong command of DFIR-related open-source tools, memory analysis, and full-disk forensics. Capable of leading or participating in large-scale forensic investigations both independently and as part of a team. Skilled in performing root cause analysis and post-incident forensic reviews for cyber events and security breaches. Proven ability to prepare comprehensive investigation reports, breach summaries, and documentation for privacy and data exposure incidents. Exceptional attention to detail and ability to maintain thorough and accurate investigative records and chain-of-custody documentation. Preferred Certifications (one or more): CHFI (Computer Hacking Forensic Investigator) CIH (Certified Incident Handler) CSA (Certified SOC Analyst) CEH (Certified Ethical Hacker) GSEC (GIAC Security Essentials) GCIH (GIAC Certified Incident Handler) GCIA (GIAC Certified Intrusion Analyst) GCFE (GIAC Certified Forensic Examiner) GREM (GIAC Reverse Engineering Malware) GCFA (GIAC Certified Forensic Analyst)