DFIR Engineer (Cybersecurity)

TL;DR

DFIR Engineer (Cybersecurity): Responding to cyber incidents and performing digital forensics for clients with an accent on cloud environments and threat hunting. Focus on detecting, analyzing, and mitigating malicious actor TTPs while proactively hunting for threats in large datasets.

Location: Must be based in the Central or Eastern regions of the US

Company

hirify.global helps security and risk leaders quantify and reduce cyber exposure through financial impact and real-world attack paths.

What you will do

• Manage the full incident response lifecycle, including detection, analysis, containment, eradication, and recovery.
• Conduct digital forensics investigations specifically within cloud environments such as Azure and AWS.
• Research and analyze tactics, techniques, and procedures (TTPs) used by malicious actors to mitigate threats.
• Perform proactive threat hunting (hunt-evil/find-evil) to detect attacks.
• Collaborate with internal red teams, CTI, and cyber architect teams.
• Work directly with global companies, CISOs, and technology experts.

Requirements

• Must be based in the Central or Eastern regions of the US.
• 1-2 years of experience as a DFIR team member.
• Experience performing digital forensics in cloud environments.
• Proficiency in digital forensics for Windows and Linux platforms, as well as network forensics.
• Strong understanding of threat hunting models, CTI, TTP, and IoCs extraction and mapping.
• Experience analyzing large datasets via Splunk, Elasticsearch, SQL, or VQL.
• Good written and verbal English communication skills.