Senior Digital Forensics & Incident Response (DFIR) Analyst at Cyber Advisors at Jobgether – United States

Jobgether
United States, United States
Job Function: Information Technology

About This Position

Senior Digital Forensics & Incident Response (DFIR) Analyst at Cyber Advisors

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Senior Digital Forensics & Incident Response (DFIR) Analyst in United States.

In this senior technical cybersecurity role, you will act as a key escalation point for complex security incidents, leading end-to-end digital forensic investigations across endpoint, cloud, identity, and network environments. You will be responsible for uncovering attacker behavior, reconstructing timelines, and delivering clear, defensible findings that support both technical remediation and executive decision-making. Working within a fast-paced security operations environment, you will collaborate closely with SOC teams, engineers, and leadership to improve incident readiness and response maturity. Beyond investigations, you will shape DFIR playbooks, enhance tooling and automation, and help refine detection strategies based on real-world threat activity. This is a highly impactful role where your expertise directly strengthens organizational resilience against evolving cyber threats. You will also mentor junior analysts and contribute to building a high-performing DFIR function grounded in precision, collaboration, and continuous improvement.

Accountabilities

In this role, you will lead and elevate digital forensics and incident response capabilities, ensuring thorough investigations and high-quality outcomes across all security events. Your responsibilities will include:

  • Leading complex DFIR investigations from scoping through analysis, validation, and final reporting across endpoint, cloud, identity, and network data sources
  • Performing advanced forensic analysis including disk, memory, cloud artifact examination, and attacker timeline reconstruction
  • Leading or co-leading major incident response efforts, coordinating containment, eradication, recovery, and evidence preservation activities
  • Conducting root cause analysis to identify attacker TTPs and recommending preventive security improvements
  • Producing clear and structured incident reports tailored for both technical teams and executive stakeholders
  • Developing, improving, and standardizing DFIR playbooks, evidence handling procedures, and investigation documentation
  • Designing automation and tooling improvements (scripts, parsers, SOAR integrations) to accelerate investigations
  • Supporting threat hunting and detection engineering by translating DFIR findings into actionable detection improvements
  • Mentoring and coaching DFIR analysts through case reviews, training, and technical guidance

Requirements

The ideal candidate brings strong hands-on DFIR expertise combined with leadership capability in high-pressure security environments. You will have:

  • 4–7+ years of experience in DFIR, incident response, threat detection, or digital forensics roles
  • Proven experience leading complex security investigations and coordinating cross-functional response efforts
  • Strong proficiency with SIEM and EDR platforms and forensic investigation tools
  • Deep understanding of incident response lifecycle, chain-of-custody principles, and forensic best practices
  • Ability to analyze multi-source security telemetry and reconstruct attacker activity across environments
  • Experience producing high-quality technical and executive-level incident reports
  • Strong communication skills with the ability to engage both technical and non-technical stakeholders
  • Experience mentoring or guiding junior analysts in investigative work
  • Relevant certifications such as GCIH, GCFA, GCFE, GNFA, CCDL2, SBTL2, CISSP (or equivalent)

Benefits

  • Competitive salary based on experience and skills
  • PTO and 8 paid holidays
  • Employer-paid health and dental insurance
  • 401(k) with employer matching
  • Disability and life insurance coverage
  • Strong career growth and advancement opportunities
  • Exposure to complex, high-impact cybersecurity investigations

How Jobgether works:

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
Job Location

United States, United States
