Senior Digital Forensics and Incident Response Analyst

Pen Test Partners
Liverpool
3 weeks ago

Pen Test Partners works with clients globally providing cyber security consultancy and testing services. We work with the most cutting-edge industries, including Automotive, Aerospace, and Maritime.


With over 140 employees across pen testing, consultancy, digital forensics, sales and support functions, we pride ourselves on attracting the right people and providing them with the environment to develop and perform at their best. We go the extra mile to work on cool research, publish and promote expert cyber security knowledge, and deliver outstanding work for our customers, all in support of our industry.


We are seeking a Senior DFIR Analyst to join our team, leveraging their technical expertise and investigative mindset to support forensic investigations and incident response engagements. The ideal candidate will have a methodical approach to problem-solving, ensuring investigations are thoroughly documented and findings are communicated effectively to both technical and non-technical stakeholders.


This role requires experience with CrowdStrike, Magnet Axiom, SIFT Workstations, and AWS, along with strong technical skills in systems administration, networking, and cloud forensics. The successful candidate should be comfortable translating forensic requirements and guiding clients through incident triage and response strategies.


Key Responsibilities:

  • Conduct digital forensic investigations across endpoint, network, and cloud environments.
  • Perform incident response investigations, working across multiple environments, including on-premises and cloud-based infrastructures (AWS & Azure).
  • Utilise CrowdStrike, Magnet Axiom, X-Ways, and SIFT Workstations to collect and analyse forensic evidence.
  • Develop and script tooling for the task at hand.
  • Support forensic and incident response engagements by documenting findings, writing detailed reports, and delivering presentations to both technical and non-technical stakeholders.
  • Work closely with clients to understand their forensic and security requirements, translating them into actionable investigation strategies.
  • Develop and refine forensic methodologies and procedures to ensure consistent, high-quality investigations.
  • Provide guidance and best practices on forensic readiness and security incident management.
  • Collaborate with threat intelligence teams to correlate forensic findings with threat actor tactics, techniques, and procedures (TTPs).
  • Conduct compromise assessments and proactive threat hunting using forensic tools and log analysis.
  • Assist in the triage and scoping of incidents, working directly with clients and our client account management team to define investigative priorities.
  • Support cloud forensics investigations, ensuring the correct collection, handling, and analysis of digital evidence in AWS and Azure environments.


Key Skills & Experience:

  • Proven experience in DFIR, with hands-on expertise in forensic analysis, incident response, and threat investigations.
  • Technical background (e.g., previous experience as a systems or network administrator) with a solid understanding of operating systems, networking, and security architectures.
  • Proficiency in CrowdStrike, Magnet Axiom, and SIFT Workstations.
  • Strong knowledge of AWS and Azure security architectures, including how to perform forensic investigations in cloud environments.
  • Experience with log analysis, endpoint forensics, and memory forensics.
  • Strong analytical and problem-solving skills, with a methodical and detail-oriented approach to investigations.
  • Excellent documentation and reporting skills, ensuring investigation findings are communicated clearly and accurately.
  • Ability to translate complex forensic concepts into client-friendly language, supporting engagement with both technical and executive stakeholders.
  • Experience with forensic data preservation, chain of custody, and evidential procedures.
  • Familiarity with threat intelligence frameworks (MITRE ATT&CK, TTP mapping, IOC development).
  • Certifications such as GCFA, GCIH, CISSP, AWS Security Specialty, Azure Security Engineer, or equivalent are desirable.


Who You Are:

  • A methodical thinker with a structured approach to forensic investigations.
  • A strong communicator, capable of presenting complex findings in a clear and concise manner.
  • A self-motivated problem solver, able to work independently and as part of a team.
  • Someone with a passion for cybersecurity, eager to stay ahead of emerging threats and forensic techniques.


If you are a technical, detail-oriented DFIR professional with experience in on-prem and cloud forensics, we’d love to hear from you!
