Cyber DFIR Engineer
6-Month Contract - Atlanta, GA
We're seeking a Cyber DFIR Engineer to join a 24/7 Cyber Incident Response Team (CIRT) on a 6-month contract. You'll lead and support cyber investigations across cloud, on-prem, and hybrid environments using digital forensics, threat analysis, and incident response methodologies.
Key Responsibilities:
- Perform incident triage, containment, and remediation across endpoints, networks, and cloud.
- Analyze logs, malware, memory, and network traffic for indicators of compromise.
- Coordinate forensic evidence collection and lead technical response calls.
- Contribute to improving runbooks, knowledge bases, and detection logic.
- Collaborate across IT, engineering, and security teams to mitigate threats.
Required Qualifications:
- 5+ years in cybersecurity, with DFIR (Digital Forensics and Incident Response) experience across cloud and enterprise environments.
- Strong knowledge of log analysis, incident response lifecycle, malware, identity, and cloud platforms (Azure, AWS).
- Familiarity with tools like Wireshark, tcpdump, and EDR platforms.
- Bachelor's degree or equivalent experience in CS, Cybersecurity, or a related field.
Preferred Certifications:
- Security+, CySA+, GCIH, GCIA, CEH, GSEC, AWS/Azure fundamentals, or CCNA.
- Prior experience in SOC/NOC or intelligence environments.