DFIR & Forensics Analyst
Family: Security
Investigates security incidents and performs digital forensics to determine scope, root cause, and attacker activity.
Day to day
Acquires and analyzes disk and memory images, traces attacker lateral movement, writes incident timelines, and contributes to post-incident hardening.
Core skills
- digital forensics
- incident response
- memory analysis
- log analysis
- malware triage