remote
Tier 3 Digital Forensics and Incident Response Analyst - Tyto Athene
Senior analyst leading complex cyber investigations, triaging high‑priority alerts, and guiding junior staff through advanced digital forensics and incident response using SIEM tools, scripting, and malware analysis techniques.
About the role
Key Responsibilities
- Lead cross‑functional investigations of high‑severity cybersecurity incidents, from initial triage to final remediation.
- Perform deep-dive digital forensics on Windows, Linux, and cloud environments, preserving evidence and documenting findings.
- Utilize SIEM platforms and advanced security tooling to analyze alerts, correlate data, and identify threat actors.
- Develop and execute custom Python scripts and automation to accelerate evidence collection and analysis.
- Mentor Tier 1/2 analysts, providing escalation support and guidance on complex cases.
- Coordinate with client stakeholders to communicate incident status, impact, and recommended mitigation strategies.
Requirements
- 5+ years of hands‑on experience in digital forensics and incident response.
- Proficiency with forensic tools (e.g., EnCase, FTK, Volatility) and SIEM solutions (e.g., Splunk, QRadar).
- Strong scripting skills, preferably Python, for automation and data parsing.
- Deep understanding of Windows and Linux operating system internals, file systems, and memory analysis.
- Excellent analytical, communication, and mentorship abilities.