DFIR Specialist, Public Institution

Kerry Consulting is partnering a Public Institution to hire for a DFIR Specialist (Cat1 Security Clearance is required). You will support daily security operation and lead technical investigations involving forensics, malware, and log analysis, while guiding threat assessments and task prioritisation. You are to maintain updated playbooks, monitor evolving threats and TTPs, and prepare incident reports for stakeholder communication.

Responsibilities

You are responsible overseeing and supporting the team's daily operations while working closely with DFIR analysts to ensure prompt response, root cause analysis, and closure of security incidents. This includes investigating cybersecurity events through digital forensics, malware analysis, and log analysis, as well as providing strong technical guidance on investigations and threat assessments. The position also entails helping to prioritise tasks, assessing threats and vulnerabilities, maintaining and updating incident response playbooks and processes, staying informed on current cybersecurity developments and threat actor TTPs, and preparing or reviewing incident reports to keep stakeholders informed.

Requirements

You should ideally hold a Diploma in Information Security or a Bachelor's degree in Engineering, Computer Science, Information Security, or an equivalent field, and has at least five years of relevant experience in cyber security incident investigations or digital forensics. Professional certifications such as GIAC GCFA, GCFE, or GCIH are required, along with proficiency in forensic toolkits like Magnet AXIOM, EnCase, X-Ways, FTK, or Autopsy. Experience working in a Security Operations Centre (SOC) will be considered an advantage.

To Apply

To apply, click on the Quick Apply button above. Alternatively, you could also write in with your CV to Grace Lim at [Confidential Information] quoting the above job title and reference code 34195.

Registration No: R1988923
License No: 16S8060