Senior DFIR Analyst – Job Description

Evvo Technology Solutions Pvt Ltd
Chennai, Tamil Nadu

Quick apply

Job details

Permanent | Full-time
From ₹20,000 a month

Benefits

Provident Fund
Health insurance
Flexible schedule

Qualifications

Azure
Computer Science
CISSP
Windows
Master's degree
CEH
CISM
AWS
Bachelor's degree
Splunk
Mentoring
Scripting
Cybersecurity
Communication skills
Python
PowerShell
Active Directory

Full job description

Senior DFIR Analyst – Job Description

Position Title

Senior Digital Forensics & Incident Response (DFIR) Analyst

Location

Chennai / Hybrid / On-site

Experience

3–5 Years

Role Summary

We are seeking an experienced Senior DFIR Analyst to lead complex cyber investigations, incident response engagements, ransomware investigations, and forensic examinations across enterprise environments. The role involves handling high-severity incidents, mentoring junior analysts, and coordinating with clients, legal teams, and leadership during critical cyber events.

Key Responsibilities

Lead end-to-end incident response engagements
Conduct advanced forensic investigations on endpoints, servers, cloud, and mobile devices
Perform memory forensics, malware triage, and threat attribution
Lead ransomware investigations and containment strategies
Analyze attacker TTPs using MITRE ATT&CK framework
Perform threat hunting and compromise assessments
Develop and improve IR playbooks and forensic methodologies
Coordinate with SOC, legal, HR, and management teams during incidents
Prepare executive-level and technical forensic reports
Provide expert guidance during breach recovery and remediation
Support law enforcement and regulatory investigations when required
Handle cloud forensic investigations involving AWS, Azure, and Microsoft 365

Required Skills

Strong expertise in Digital Forensics and Incident Response
Deep understanding of:

Windows Internals

Active Directory attacks

Cloud attack vectors

Network forensics

Malware behaviour analysis

Hands-on experience with:
EnCase/FTK
Magnet AXIOM
Velociraptor
CrowdStrike / SentinelOne / Defender
Splunk / QRadar
Volatility
Experience handling:
Ransomware incidents
Business Email Compromise (BEC)
Insider threat investigations
Data exfiltration cases
Strong scripting/automation skills in Python or PowerShell
Experience in client-facing incident handling

Educational Qualification

Bachelor’s or Master’s degree in Cyber Security, Computer Science, Digital Forensics, or related field

Preferred Certifications

CEH
CHFI
CISSP
CISA
CISM
Certified Incident Handler certifications

Soft Skills

Strong leadership and decision-making abilities
Excellent client communication and presentation skills
Ability to manage high-pressure critical incidents
Strong documentation and reporting capabilities
Team mentoring and stakeholder management experience

Additional Expectations

Availability for emergency incident response support
Ability to travel for on-site investigations if required
Experience working with enterprise and government environments preferred

Pay: From ₹20,000.00 per month

Benefits:

Flexible schedule
Health insurance
Provident Fund

Work Location: In person

Quick apply

Jobseeker tools

Employer Tools

Browse

Stay Connected