Digital Forensic Incident Response Analyst

Alight Solutions

Location:
United States of America, Virtual

Contract Type:
Not provided

Salary:

130000.00 - 153000.00 USD / Year

Job Description:

The Incident Response Analyst is responsible for managing and enhancing security incident response processes, ensuring the organization is prepared to address and mitigate cyber threats effectively. This role involves leading investigations, coordinating responses, and collaborating with various teams to strengthen the organization's security posture.

Job Responsibilities:

  • Leading incident investigations, analyzing threats, and coordinating prompt responses to security incidents
  • Developing and refining incident response playbooks, procedures, and tools to enhance overall security measures
  • Collaborating with engineering, security, infrastructure, and leadership teams during security events to ensure effective resolution
  • Conducting post-incident reviews, performing root-cause analysis, and implementing lessons learned to prevent recurrence
  • Improving detection and response capabilities to reduce risk and shorten response times
  • Leveraging threat intelligence to enhance detection signals and security strategies
  • Participating in on-call rotation and working off-shift hours when required during incidents

Requirements:

  • At least one of the following certifications: GCIH, GCIA, GREM, CISSP, or a cloud certification (AWS/Azure)
  • 5+ years of experience in incident response, security engineering, or related fields
  • Proven effectiveness managing high-pressure security incidents
  • Deep technical expertise in incident handling frameworks, methodologies, and tools
  • Good working knowledge of cloud infrastructure, Linux environments, and containerization technologies
  • US citizenship required: because this role supports services provided to the federal government and/or a federal government contractor, proof of US citizenship status will be required at time of hire

What we offer:
  • A variety of health coverage options
  • Wellbeing and support programs
  • Retirement
  • Vacation and sick leave
  • Maternity, paternity & adoption leave
  • Continuing education and training
  • Several voluntary benefit options

Additional Information:

Job Posted:
January 10, 2026

Employment Type:
Full-time
Work Type:
Remote work

Similar Jobs for Digital Forensic Incident Response Analyst

Cybersecurity Analyst

Robert Half

We are seeking a Cybersecurity Analyst to strengthen our security posture and pr...

Location: United States, Fort Lauderdale
Salary: Not provided
Expiration Date: Until further notice

Requirements:
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Security, or a related field
  • 3-5 years of experience in cybersecurity operations, threat analysis, or incident response
  • At least one industry certification (e.g., CompTIA Security+, CEH, CISSP, CISM, OSCP)
  • Hands-on experience with cybersecurity tools (e.g., Splunk, CrowdStrike, SentinelOne, Rapid7, Palo Alto, Tenable, Wireshark)
  • Strong knowledge of firewalls, proxies, encryption, DLP, SIEM, EDR, XDR, IDS/IPS
  • Experience with cloud security (AWS, Azure, or Google Cloud)
  • Familiarity with secure coding practices, DevSecOps, and CI/CD security
  • Understanding of threat modeling, MITRE ATT&CK, cyber kill chain, and risk management
  • Strong analytical and problem-solving skills
  • Excellent verbal and written communication skills, with the ability to present security-related topics to non-technical stakeholders.

Job Responsibilities:
  • Monitor and analyze security alerts from various tools such as SIEM, EDR, XDR, and IDS/IPS
  • Conduct threat intelligence analysis and proactive threat hunting
  • Investigate and respond to cybersecurity incidents, breaches, and vulnerabilities
  • Perform risk assessments, vulnerability scans, and penetration testing to identify security gaps
  • Work with IT and development teams to implement security controls and enhance system defenses
  • Develop and enforce security policies, procedures, and incident response plans
  • Conduct digital forensics and root cause analysis for security incidents
  • Stay up to date with emerging cyber threats, attack techniques, and security technologies
  • Ensure compliance with industry security frameworks (e.g., NIST, ISO 27001, CIS, PCI-DSS, GDPR, HIPAA)
  • Assist in security awareness training and company-wide security initiatives

What we offer:
  • Access to top jobs
  • Competitive compensation and benefits
  • Free online training
  • Medical, vision, dental, and life and disability insurance
  • Eligibility to enroll in company 401(k) plan
Employment Type: Full-time

Forensic Analyst

Sopra Steria

Join the international Cyber Security Operations Center (SOC) as a Forensic Anal...

Location: Canada, Montréal
Salary: Not provided
Expiration Date: Until further notice

Requirements:
  • Proficiency with Windows, Macintosh, Linux/UNIX, and DOS operating systems
  • Strong understanding of information systems security, network architecture, and general database concepts
  • Experience with forensic tools (e.g., EnCase, FTK, Magnet Axiom), security assessments, penetration testing, and ethical hacking
  • Ability to conduct exams on compromised computers and servers, and perform live network analysis
  • Excellent written and oral communication skills
  • Ability to manage multiple projects, work under pressure, and maintain confidentiality
  • Experience managing client relationships, forensic cases, and corporate incidents
  • Relevant cybersecurity certifications (GCFA, CIH, GCFE, GCIA) are required
  • Professional proficiency in English (oral and written)

Job Responsibilities:
  • Lead and execute incident response missions to determine the cause and extent of security incidents
  • Conduct forensic investigations and electronic discovery for the cyber security group and legal department, using advanced forensic tools and proprietary methodologies
  • Manage and participate in forensic incident response missions (networks, systems, malware analysis, etc.)
  • Support the DFIR manager by communicating assignment progress and issues
  • Participate in Cyber Defense Center collaboration, projects, and compliance efforts related to CERT matters
  • Maintain a computer forensic lab and support SOC incident investigation activities
  • Contribute to advanced threat hunting and the enhancement of cybersecurity detection and response maturity

What we offer:
  • Competitive salary and annual performance bonus
  • Comprehensive benefits package: life insurance, long-term disability, health care, dental, vision, and a health spending account to support your well-being (Sopra Steria covers 100% of premiums)
  • Paid time off: sick leave, personal days, and 3 weeks of vacation
  • Monthly transportation allowance
  • Excellent training, development, and career advancement opportunities, with active support to strengthen your skills in a caring, collaborative, and inclusive company culture
  • Hybrid work environment
  • Provided equipment to ensure optimal productivity
Employment Type: Full-time

Senior Application Security Analyst

About You

We are looking for a Senior Application Security Analyst (m/f/d) to join the Inc...

Location: Germany, Hamburg or Berlin
Salary: 75000.00 - 85000.00 EUR / Year
Expiration Date: Until further notice

Requirements:
  • 5+ years of experience in incident response or security
  • Background in Cyber Security, Computer Science or IT Operations
  • Experience in incident response, blue teaming or digital forensics in cloud-native environments
  • Able to write scripts and programs to automate tasks in Python or another programming language
  • Proficient with Linux and a SIEM
  • Experience working with web application firewalls, Cloudflare preferred
  • Good communication and presentation skills, can explain technical terms in non-technical language
  • Fluent English skills (spoken & written)

Job Responsibilities:
  • Set up and maintain DFIR tools and infrastructure
  • Provide first response during security incidents, including digital forensics and post incident risk mitigation
  • Improve monitoring and scanning tools to detect security issues and automate routine tasks
  • Investigate and respond to security alerts in our systems
  • Create and maintain incident response playbooks
  • Keep an eye on current threats and zero-day vulnerabilities in the cyber security space and implement preventative measures within the organization

What we offer:
  • Hybrid working
  • Fresh fruit every day
  • Sports courses
  • Free access to code.talks
  • Exclusive employee discounts
  • Free drinks
  • Language courses
  • Laracast account for free
  • Company parties
  • Help in the relocation process
Employment Type: Full-time

Senior SOC Analyst

Overture Rede

We are seeking a Senior SOC Analyst to lead advanced security monitoring, incide...

Location: South Africa
Salary: Not provided
Expiration Date: Until further notice

Requirements:
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • 3–5 years of experience in SOC operations, incident response, or advanced security monitoring roles
  • One or more of the following advanced certifications:
      • GIAC GCFA (Forensic Analyst) or GNFA (Network Forensics Analyst)
      • GIAC GCTI (Cyber Threat Intelligence)
      • GIAC GSOC (Security Operations Certified)
      • CREST Registered Intrusion Analyst (CRIA)
      • Advanced tool/vendor certifications (e.g., Splunk Enterprise Security Admin, Elastic Security Specialist)
  • Strong expertise in digital forensics, incident handling, and threat intelligence
  • Advanced knowledge of MITRE ATT&CK and threat actor TTPs
  • Proficiency in SIEM query languages (SPL, KQL, Lucene)
  • Experience working in 24×7 enterprise or MSSP SOC environments
  • Strong reporting, documentation, and stakeholder communication skills

Job Responsibilities:
  • Lead advanced incident response activities, including containment, eradication, and recovery
  • Perform digital and network forensic investigations to support incident analysis
  • Conduct proactive threat hunting and advanced detection engineering
  • Analyze threat intelligence and correlate with internal security events
  • Design, tune, and optimize SIEM and SOAR use cases and detection rules
  • Serve as an escalation point for complex security incidents
  • Provide mentorship and technical leadership to junior and intermediate SOC analysts
  • Develop SOC playbooks, procedures, and post-incident reports
  • Collaborate with security architecture and risk teams to improve security posture

What we offer:
  • Higher responsibility than a junior role
  • Career growth opportunity
  • Strong job security
Employment Type: Full-time

Senior Security Investigator

Uber

The CyberSecurity Incident Response team (CIRT) is at the forefront of protectin...

Location: United States, Seattle; San Francisco; Sunnyvale
Salary: 180000.00 - 200000.00 USD / Year
Expiration Date: Until further notice

Requirements:
  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 5+ years of experience in Security Investigations, Incident Response, Threat Hunting, or Digital Forensics within large-scale or high-risk environments.
  • Proven expertise with forensic tooling, log analysis, SIEM platforms, EDR solutions, and cloud investigation workflows (AWS/GCP/Azure).
  • Strong understanding of attacker TTPs, modern threat landscape, and frameworks like MITRE ATT&CK.
  • Hands-on experience building automation using Python, APIs, SOAR, or equivalent frameworks.
  • Ability to lead complex investigations end-to-end and communicate findings effectively to senior leadership.
  • Experience running or contributing to large cross-company security projects.

Job Responsibilities:
  • Lead complex security investigations end-to-end and perform deep forensic analysis across endpoints, cloud environments, identity systems, networks, and application logs to uncover root cause and attack paths.
  • Own and build automation and tooling to accelerate evidence collection, log enrichment, triage workflows, and decision-making at global scale.
  • Improve detection and response capabilities by partnering with Threat Intelligence, Detection Engineering, and Platform teams.
  • Lead major cross-functional security initiatives that strengthen investigative readiness, digital forensics, cloud incident response, and threat-hunting capabilities.
  • Mentor and develop investigators and analysts, providing technical guidance, reviewing casework, and elevating investigative rigor.
  • Continuously evolve investigation methodology by analyzing trends, identifying gaps, and embedding lessons learned back into the security ecosystem.

What we offer:
  • Eligible to participate in Uber's bonus program
  • May be offered an equity award and other types of compensation
  • Eligible for various benefits (details at provided link)
Employment Type: Full-time

Cybersecurity Expert (SOC & Cloud)

Leadtech Group

The Security team is excited to welcome a motivated Cybersecurity Expert to help...

Location: Spain, Barcelona
Salary: Not provided
Expiration Date: Until further notice

Requirements:
  • Bachelor/ Master's degree in Cybersecurity, Information Security, Computer Science, or a similar discipline
  • Knowledge of Security frameworks such as ISO 27001, NIST, PCI-DSS, OWASP, GDPR
  • Knowledge of technical concepts such as cloud computing, code review, application security, cryptography, forensics, and vulnerability detection (Azure and AWS are a must)
  • Deep knowledge of cybersecurity/technical concepts such as:
      • GNU/Linux systems
      • Microsoft Sentinel and Defender, including experience writing KQL queries
      • Microsoft Azure (Network Security Groups, Recovery Services Vaults, Playbooks and Workbooks)
      • TCP/IP, DNS, and firewalls
      • Python, Bash, SQL, Java, and PHP
  • Familiarity with attack and exploitation techniques involving operating systems, applications, and devices (CISSP, CompTIA, CEH)
  • Understanding of security best practices for data and systems protection

Job Responsibilities:
  • Operate and optimize (and potentially lead) a Security Operations Center (SOC)
  • Advanced incident investigation and analysis:
      • Handling complex threats: investigating high-priority alerts escalated from Tier 1/2, such as potential APTs (Advanced Persistent Threats) or ransomware
      • Deep-dive analysis: performing forensics on compromised systems, analyzing malware, and reconstructing attack chains using packet captures and log data
      • Cross-source correlation: stitching together fragmented data from SIEM, EDR (Endpoint Detection and Response), and NDR (Network Detection and Response) tools to build a comprehensive picture of the attack
  • Proactive threat hunting and detection engineering:
      • Threat hunting: proactively searching network and endpoint data for undetected, hidden threats rather than waiting for alerts
      • Rule creation and tuning: developing custom detection logic and SIEM correlation rules to identify new malicious behavior
      • Reducing false positives: refining alert systems to minimize noise, ensuring the team focuses on genuine security incidents
  • Incident response and containment

What we offer:
  • Flexible career path with personalized internal training and an annual budget for external learning opportunities
  • Flexible schedule with flextime (7 - 9:30 a.m. start, 3:30 - 6 p.m. end)
  • Free Friday afternoons with a 7-hour workday
  • 35-hour workweek in July and August
  • Competitive salary
  • Full-time permanent contract
  • Top-tier private health insurance (including dental and psychological services)
  • 25 days of vacation plus your birthday off, with flexible vacation options and no blackout days
  • Office in Barcelona complete with free coffee, fresh fruit, snacks, a game room, and a rooftop terrace with stunning Mediterranean views
  • Ticket restaurant and nursery vouchers, paid directly from your gross salary
Employment Type: Full-time

Investigation & Forensic Analyst

MillenniumSoft Inc

The Investigation & Forensic Analyst is responsible for identifying exposures to...

Location: United States, San Diego
Salary: 43.00 - 47.00 USD / Hour
Expiration Date: Until further notice

Requirements:
  • Bachelor's Degree in Computer Science, Management Information Systems or related field
  • 1-3 years of experience conducting digital forensics or incident response in a full-time role
  • 1-3 years of experience conducting digital investigations in a corporate or law enforcement role
  • Previous experience with Data Loss Prevention technologies and platforms
  • Previous experience working with Encase and Forensic Toolkit (FTK)
  • Previous experience with Network monitoring tools
  • Incident management training and experience in a large-scale environment
  • In-depth knowledge of Windows operating systems
  • Excellent analytical and problem-solving skills
  • Proven ability to deliver tough messages in a professional manner

Job Responsibilities:
  • Properly acquire, preserve and process electronic data to industry standards
  • Perform forensic analysis on various devices
  • Produce quality evidence-based reports as necessary
  • Cyber incident triage and forensics evaluation for cyber threats
  • Interface effectively in key relationships such as Security Operations, and be able to partner with Legal and HR as necessary
  • Evaluate risk based on questionnaires and draft reports
  • Accountable for setting own work direction and completing work tasks
  • Conduct interviews and provide appropriate reports to key stakeholders which summarize the findings
  • Deliver investigation recommendations and reporting by collecting, evaluating and disseminating accurate and timely intelligence information to appropriate managers
  • Assist with additional projects as needed
Employment Type: Full-time

Principal Cybersecurity / Threat Hunter Analyst

Berkshire Hathaway Specialty Insurance

Berkshire Hathaway Specialty Insurance (BHSI) has an exciting opportunity for a ...

Location: United States, Boston
Salary: 135000.00 - 170000.00 USD / Year
Expiration Date: Until further notice

Requirements:
  • 5+ years of hands-on cybersecurity experience across incident response, forensics, vulnerability management, and cloud security
  • Expertise in threat intelligence tools, network analysis, and attack simulation
  • Strong knowledge of IAM, PIM/PAM, and regulatory frameworks (NIST, GDPR, ISO, SOC2)
  • Proven leadership in managing security incidents and driving remediation
  • Certifications like CISSP, CISM, OSCP, or similar are a plus

Job Responsibilities:
  • Drive threat hunting activities, simulating red team/blue team exercises
  • Lead the charge in threat hunting and digital forensics, identifying and neutralizing risks before they escalate
  • Perform deep-dive analysis of critical security events to assess immediate and long-term impact
  • Advance our SOAR capabilities, making incident response faster and smarter
  • Spearhead our threat intelligence program, aggregating and analyzing global threat data
  • Collaborate across teams to elevate cybersecurity maturity and embed best practices
  • Act as a trusted advisor and thought leader, shaping security strategy and awareness

What we offer:
  • Comprehensive Health, Dental and Vision benefits
  • Disability Insurance (both short-term and long-term)
  • Life Insurance (for you and your family)
  • Accidental Death & Dismemberment Insurance (for you and your family)
  • Flexible Spending Accounts
  • Health Reimbursement Account
  • Employee Assistance Program
  • Retirement Savings 401(k) Plan with Company Match
  • Generous holiday and Paid Time Off
  • Tuition Reimbursement