Forensics Analyst | AIIR – AI-driven Incident Response

Company Description

AiiR Response Inc. is an AI-driven platform specializing in breach response and extortion management to automate negotiations, investigations, and recovery. At the core of our operations is CEIRA, an AI-powered virtual analyst for ransom negotiations, cryptocurrency payment tracking, forensic investigations, and automated breach notifications. We empower cyber insurers, enterprises, and cybersecurity teams to reduce breach costs, respond faster, and ensure compliance through AI-enhanced threat detection and containment. Visit us at www.AiiResponse.com for more information.

Role Description

This is a contract remote role for a Forensics Analyst. The Forensics Analyst will be responsible for conducting forensic analysis and investigations, analyzing malware, and compiling evidence related to cybersecurity incidents. They will utilize AI-driven tools to streamline the forensic process and enhance threat intelligence gathering.

Qualifications

• Forensic Analysis and Evidence skills
• Malware Analysis and Analytical skills
• Cybersecurity expertise
• Strong written and verbal communication skills
• Ability to work independently in a remote setting
• Experience with AI-driven forensic tools is a plus
• Bachelor’s degree in Computer Science, Information Security, or a related field
• Relevant certifications such as CISA, GCFA, or CEH are advantageous

Responsibilities

• Conduct digital forensic investigations across Windows, Linux, and macOS environments.
• Use 

  Velociraptor

   alongside other forensic tools to collect, preserve, and analyze evidence.
• Perform endpoint, memory, and disk forensics to uncover attacker actions, persistence, and lateral movement.
• Develop Velociraptor VQL queries for targeted hunts and investigations.
• Correlate forensic findings with SOC alerts, threat intel, and IR casework.
• Document findings with clear timelines and technical evidence suitable for incident response and legal reporting.

Requirements

• 2-4+ years of experience in digital forensics/incident response.
• Hands-on experience with 

  Velociraptor

   plus at least two additional tools (Volatility, Autopsy, FTK, EnCase, etc.).
• Strong knowledge of Windows internals, registry analysis, and common attacker TTPs.
• Scripting ability (Python, PowerShell, Bash) to automate evidence extraction.
• Solid understanding of chain-of-custody and evidence preservation best practices.

If you’re passionate about building elegant, scalable user interfaces and want to work on next-generation AI-powered security solutions, we’d love to hear from you!