urgent requirement For Digital Forensics & Incident Response (DFIR)

Job Title: Digital Forensics & Incident Response (DFIR) Specialist

Location: Mumbai
Experience: 3-7 yearsEmployment Type: Full-time

Job Summary:

We are looking for a skilled DFIR Specialist with hands-on expertise in investigating and responding to cyber incidents, conducting digital forensic analysis, and managing procedural aspects like chain of custody creation and evidence handling. The ideal candidate will have experience in threat containment, root cause analysis, and forensic reporting while ensuring compliance with legal and regulatory standards.

Key Responsibilities:

• Lead cyber incident investigations including identification (Root Cause Investigation) , containment, eradication, and recovery.
• Perform digital forensics on various platforms (Windows, Linux, mobile devices, cloud).
• Collect, preserve, and analyze digital evidence while ensuring chain of custody is properly maintained.
• Conduct log analysis, memory forensics, and disk imaging to identify indicators of compromise (IoCs).
• Collaborate with SOC, Red Team, and Threat Intelligence teams for incident triage and threat attribution.
• Prepare detailed incident reports, timelines, and forensic findings for internal and external stakeholders.
• Work on malware analysis, reverse engineering, and identifying root cause of security breaches.
• Maintain forensic toolkits (e.g., EnCase, FTK, Volatility, Autopsy, X-Ways) and develop custom scripts where required.
• Stay updated with cybercrime trends, APT tactics, and forensic methodologies.
• Support legal proceedings by providing expert forensic documentation and evidence presentation when required.

Required Skills and Competencies:

• Strong understanding of DFIR methodologies, incident lifecycle, and NIST/SANS frameworks.
• Proficiency in forensic tools like EnCase, FTK, X-Ways, Autopsy, Volatility, Sleuth Kit, Magnet Axiom.
• Familiarity with SIEM, EDR, and threat hunting platforms (Splunk, ELK, CrowdStrike, etc.).
• Expertise in log correlation, network forensics, and packet analysis (Wireshark, Zeek).
• Knowledge of memory analysis, registry analysis, and OS internals (Windows, Linux, macOS).
• Familiarity with legal and procedural aspects of digital forensics (chain of custody, admissibility in court).
• Relevant certifications like GCFA, GCFE, CHFI, CFCE, CCE, or GCIH (preferred).

Qualifications:

• Bachelors degree in Computer Science, Information Security, Digital Forensics, or related field.
• 3+ years of experience in DFIR or cybersecurity incident response.
• Hands-on experience with forensic investigations across multiple platforms and environments.

Relevant experience and interested candidate can share resume on pooja.furia@63moons.com