Role: DFIR Analyst (Digital Forensics & Incident Response)
Contract: 6 Months +
Day Rate: £400 - £500
*Our leading client requires a Senior DFIR Analyst to provide expert advice and guidance on all matters concerning digital forensics and incident response.
*The Senior DFIR Analyst will be a subject matter expert in both e-Discovery and Cyber Security Incident Response investigations and will have sound knowledge in applying a vast array of cyber security and core DFIR tools. The primary role of the Senior DFIR Analyst is to provide a complete response to all DFIR tasks exercising sound application of the electronic discovery reference model (EDRM) in the case of e-discovery and applying skills, knowledge and experience to CSOC in all aspects of the incident response lifecycle.
*Carry out laboratory and on site forensic collection activities in support of DFIR tasks following best practice for all data types with a strong focus on network collection and analysis
*Perform analysis of data collected and report evidence of fact and expert witness testimony
*Draft and present evidence of fact and opinion
*Communicate to CSO about lessons learned from root cause analysis so security improvements can be implemented
*Coordinate and respond to security incidents using commercial and/or open source technologies.
*Perform advanced (dynamic and behavioral) malware analysis
*Define process and procedure
*Support Lead Analysts in all aspects of DFIR activity
*Provide a complete response to all DFIR tasks
*Provide technical mentoring and direction for CSOC staff with a view to enhancing the cyber response & investigation capabilities of the organization
*Provide technical advice and guidance to the organization, including expert opinion on matters concerning e-discovery and post incident investigation.
*Effectively engage organizational stakeholders across DR&S, Corporate Security & Legal to continuously improve investigation & response services
*Develop and leverage an advanced toolset to increase investigation & response capabilities.
*Mentor and coach DFIR Analysts and Technicians
*Peer review DFIR Analysts' reports
Knowledge & Experience Required:
*3+ years' work experience within CSOC incident response & e-Discovery Litigation.
*Demonstrated ability to coordinate and respond to security incidents using commercial and/or open source technologies.
*Experience with Incident Response methodology in investigations, and the groups behind targeted attacks and tactics, techniques, and procedures (TTPs).
*Knowledge of data science and interpretation of digital evidence.
*Knowledge of criminal legislation impacting digital evidence.
*Knowledge of data protection legislation and the rules governing personally identifiable information (PII).
*Experience of report writing and providing expert witness testimony.
*Experience of malware reverse engineering
*Solid understanding of networking protocols and infrastructure designs; including cloud infrastructures, routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols.
If you are interested in this role please contact Craig Calvert: Craig(Underscore)
Spring acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Spring Group UK is an Equal Opportunities Employer.
By applying for this role your details will be submitted to Spring. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link into your browser: www.spring.com/candidate-privacy-information-statement