Mid-Level Digital Forensics and Incident Response Analyst - Cayuse Holdings

Key Responsibilities

• Conduct real‑time analysis of security incidents, collect and preserve volatile and non‑volatile evidence, and produce actionable findings.
• Perform forensic examinations on Windows, Linux, and mobile platforms, utilizing tools such as EnCase, FTK, and open‑source utilities.
• Develop and execute threat‑hunting queries across SIEM platforms, identifying indicators of compromise and emerging attack patterns.
• Analyze malicious code and payloads, reverse‑engineer malware samples, and create detection signatures.
• Collaborate with senior analysts and cross‑functional teams to improve response playbooks, reporting, and post‑incident lessons learned.

Requirements

• 2–4 years of hands‑on experience in digital forensics, incident response, or related cybersecurity roles.
• Proficiency with forensic tools (e.g., EnCase, FTK, Volatility) and scripting in Python for automation and data parsing.
• Strong understanding of network protocols, Windows/Linux operating systems, and common attack vectors.
• Experience conducting threat hunting and malware analysis, including creating YARA rules or IDS signatures.
• Relevant certifications such as GCFA, GCIH, or similar are preferred.