DFIR Specialist (Digital Forensics & Incident Response)
Cyble
Bengaluru, Karnataka, India
Posted on Jul 6, 2025
About the Role:\ We are looking for a DFIR Specialist with 5–6 years of experience in cybersecurity, including at least 4 years in Digital Forensics and Incident Response. The role involves leading investigations related to ransomware, insider threats, and data breaches, performing forensic analysis, supporting evidence handling, and collaborating with internal teams to strengthen incident response capabilities. The ideal candidate should have hands-on experience with forensic tools, malware analysis, and a solid understanding of incident response frameworks.
What You’ Ll Do
Cyble is revolutionizing the landscape of cybersecurity intelligence. Founded in 2019, Cyble began as a visionary college project and has quickly transformed into a leading force in proactive cyber threat detection and mitigation, that is now globally significant, with people in 20 countries - Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India
Our mission is clear: to provide visibility, intelligence and cybersecurity protection using cutting-edge advanced technology, giving enterprises a powerful advantage. We democratize real-time intelligence about cyber threats and vulnerabilities, enabling organizations to take proactive measures and maintain robust cybersecurity. We strive to make the digital world a safer place for everyone.
At Cyble, artificial intelligence (AI) and innovation are central to all operations, with a commitment to continuous improvement and excellence in both products and business practices. Cyble values inclusivity, offering team members autonomy and flexibility to balance their professional and personal lives. Cyble fosters a culture where employees voices are heard, contributions are recognized, and everyone is encouraged to be part of something extraordinary. To learn more about Cyble, visit www.cyble.com.
What You’ Ll Do
- Lead and support DFIR investigations including ransomware, insider threats, data exfiltration, and targeted attacks.
- Perform disk, memory, and log forensics using industry tools (e.g., EnCase, FTK, Volatility, X-Ways, etc.).
- Analyze malware samples and reverse engineer payloads when required.
- Support evidence collection and preservation in line with legal and chain-of-custody requirements.
- Generate high-quality incident reports and briefings for internal and client stakeholders.
- Assist in creating and updating forensic playbooks and response procedures.
- Collaborate with SOC, threat intel, and red teaming teams to validate threats and enrich investigations.
- Participate in tabletop exercises and incident simulations for clients.
- Proficient with forensic tools like EnCase, X-Ways, Volatility, SleuthKit, Autopsy.
- Experience with EDR platforms (e.g., CrowdStrike, SentinelOne, Carbon Black).
- Solid understanding of Windows/Linux file systems, memory structures, and log artifacts.
- Knowledge of malware behavior and common threat actor TTPs.
- Familiarity with MITRE ATT&CK, NIST IR process, and incident lifecycle.
- Experience: 5–6 years in cybersecurity with minimum 4+ years in DFIR roles.
- Certifications (preferred): GCFA, GCIH, GNFA, CHFI, or equivalent.
Cyble is revolutionizing the landscape of cybersecurity intelligence. Founded in 2019, Cyble began as a visionary college project and has quickly transformed into a leading force in proactive cyber threat detection and mitigation, that is now globally significant, with people in 20 countries - Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India
Our mission is clear: to provide visibility, intelligence and cybersecurity protection using cutting-edge advanced technology, giving enterprises a powerful advantage. We democratize real-time intelligence about cyber threats and vulnerabilities, enabling organizations to take proactive measures and maintain robust cybersecurity. We strive to make the digital world a safer place for everyone.
At Cyble, artificial intelligence (AI) and innovation are central to all operations, with a commitment to continuous improvement and excellence in both products and business practices. Cyble values inclusivity, offering team members autonomy and flexibility to balance their professional and personal lives. Cyble fosters a culture where employees voices are heard, contributions are recognized, and everyone is encouraged to be part of something extraordinary. To learn more about Cyble, visit www.cyble.com.