Job
Description
The Forensics Analyst will play a key role in conducting and supporting digital forensic investigations, cloud and memory analysis, and incident response activities as part of ongoing cybersecurity research, national security initiatives, and critical infrastructure protection projects under C3iHub, IIT Kanpur.
The position involves both hands-on forensic analysis and research contribution to developing frameworks, methodologies, and tools for advanced forensic investigation and cyber threat attribution across on-premises, cloud, and hybrid environments. -Conduct end-to-end digital and cloud forensic investigations for incidents involving system compromise, data breaches, or insider threats.-Perform disk, memory, mobile, and cloud forensics using industry-standard tools and open-source frameworks.-Acquire and preserve digital evidence from on-premises and cloud environments (AWS, Azure, GCP) following proper chain-of-custody procedures.-Analyze logs, virtual machines, and storage data from cloud platforms to identify malicious activity and misconfigurations.-Support incident response operations by providing forensic insights, identifying attack vectors, and validating indicators of compromise (IOCs).-Conduct malware and payload analysis, identifying persistence mechanisms, encryption routines, and command-and-control (C2) patterns.-Work on research-driven forensic projects, including tool development, forensic automation scripts, and forensic readiness frameworks for IT, OT, and cloud environments.-Collaborate with law enforcement agencies, CERTs, and defense partners for forensic data sharing and technical validation.-Generate comprehensive forensic and technical reports for internal and external stakeholders.-Maintain and enhance the forensics lab environment at C3iHub, ensuring up-to-date toolsets for disk, memory, and cloud forensic analysis.-Contribute to training programs, workshops, and publications in the field of digital, memory, and cloud forensics. -Bachelor s or Master s degree in Computer Science, Cybersecurity, Information Technology, or Digital Forensics.-2-3 years of hands-on experience in digital forensics, incident response, or malware analysis.-Strong command of forensic tools such as Autopsy, FTK, EnCase, Magnet AXIOM, Volatility, Cellebrite, X-Ways, or Sleuth Kit.-Experience with cloud forensic tools and techniques for AWS, Azure, or GCP environments.-Sound understanding of Windows, Linux, and Android forensics, including file systems and registry artifacts.-Experience with memory forensics, log correlation, and timeline reconstruction.-Familiarity with SIEM platforms (Splunk, ELK, Chronicle) and threat hunting methodologies.-Understanding of chain of custody, evidence handling, and cyber law principles.-Excellent analytical thinking, documentation, and report writing skills.-Ability to work collaboratively in a multi-disciplinary research environment and under time-sensitive investigation scenarios.
