SOC L3 - Senior Digital Forensics (DFIR) Specialist
Overview
We are seeking a highly skilled Senior DFIR Specialist to lead our incident response efforts and safeguard our digital ecosystem.
In this role, you won't just react to alerts; you will be the lead investigator conducting deep-dive forensics, a proactive hunter seeking out hidden adversaries, and a strategist architecting remediation for complex security breaches.
If you have a passion for uncovering the "how" and "why" behind an attack and the technical grit to hunt across Windows, Linux, and Cloud environments, we want to talk to you.
Key Responsibilities
- **Incident Response & Remediation:**
- Lead the end-to-end response lifecycle for data breaches, APTs, and ransomware.
- Develop and execute strategic remediation plans to reclaim compromised environments.
- **Deep-Dive Forensics:**
- Perform comprehensive host, network, and mobile forensics using industry-standard tools (FTK, EnCase, Cellebrite) while maintaining strict chain-of-custody protocols.
- **Proactive Threat Hunting:**
- Design and execute advanced hunting queries (KQL) to identify stealthy TTPs and IOCs that bypass traditional defenses.
- **Cloud & Network Analysis:**
- Conduct forensic investigations across AWS and Azure environments and analyze network traffic via NDR and Security Onion.
- **Detection Engineering:**
- Map threats to the MITRE ATT&CK framework and build automated scripts to enhance log analysis and SIEM (Splunk/Sentinel) detection rules.
- **Intelligence & Reporting:**
- Translate complex technical findings into high-quality forensic reports and executive presentations for stakeholders.
What You’ll Need to Succeed
- **Experience:**
- Minimum 6 years of dedicated experience in Digital Forensics, Incident Response, or Threat Hunting.
- **Technical Mastery:**
- Expertise in forensic tools (EnCase, FTK, Oxygen, Volatility, Cellebrite).
- Proficiency in SIEM and EDR platforms and writing complex KQL queries.
- Hands-on experience with cloud forensics (AWS/Azure).
- Ability to perform initial malware triage and packet capture analysis.
- **Education:**
- Bachelor’s degree in Cybersecurity, Computer Science, or a related field.
- **Certifications (Mandatory):**
- Must hold relevant DFIR certifications.
- *Preferred:* SANS GCFA, GCFE, or GCIH.