
SANS ISC InfoSec Jobs: DFIR Analyst, Austin, TX or Remote (GCFE, GCFA)

Title: DFIR Analyst
Company: CFC Response / Solis Security
Location: Austin, TX or Remote
Preferred GIAC Certifications: GCFE, GCFA
Travel: 0%
Salary: Not provided
Contact Name: Anonymous
Contact Email: recruiting/at/
Expires: 2022-04-06

Job Description

Digital Forensics / Incident Response Analyst

Solis Security

Austin, Texas or Full Remote

Forensics Analyst Role (Jr – Sr)

The Forensics Analyst is responsible for conducting in-depth examinations of host-based systems collected during live-response engagements and post-breach incidents, with the goal of determining the root cause of the reported incident. The Analyst must be able to conduct free-form analysis, using available forensic tools and investigative methods, to answer the questions that matter to the case, typically for a legal audience. The Analyst must be proficient in note taking and report writing, and must be able to communicate findings to both technical and non-technical audiences.

Basic Qualifications:

Analyze intrusion techniques in support of root cause analysis

Accurately report and communicate findings

Demonstrate working knowledge of performing a forensic examination

Be familiar with Incident Response processes and procedures

Be familiar with incidents involving malware, ransomware, and website exploitation

Have a working understanding of various file systems (FAT32, NTFS, EXT2, HFS+)

Have a working understanding of operating systems concepts

Identify artifacts that evidence malicious activity leading to data exfiltration

Understand how to perform Windows registry analysis and identify persistence locations

Have strong written and verbal communication skills

Utilize EDR tools such as Carbon Black, SentinelOne, Huntress, and other platforms as required

Have a working understanding of memory analysis using tools such as Magnet AXIOM and Volatility

Have a working understanding of malware analysis and sandboxing

Desired Skills

Create and run scripts that automate parts of the forensic analysis process

Familiarity with a programming language such as Python, PowerShell, C++, or JavaScript

Hold one or more industry-standard certifications, such as GCIH, GCFE, GCFA, GREM, CEH, or CHFI

Collect and generate indicators of compromise to document threat actor tactics and techniques

Perform static and dynamic malware analysis

The Forensics Team at Solis Security strives for improvement and excellence in every investigation we perform. Our team cultivates a learning environment that every Investigator can use to expand their knowledge and to mentor each other in their respective specialties. With each hire we aim to add unique skill sets and backgrounds that strengthen the team as a whole. Ideal candidates are humble, eager, life-long learners who want to gain experience quickly while being reliable teammates on a supportive team.