DFIR Engineer

About the jobDFIR Engineer - UK remote - £65,000 - £95,000 + Benefits + BonusOur client is scaling their DFIR capability and is seeking highly advanced DFIR Engineers to join their elite security team. This role is designed for technical specialists who thrive in complex investigations, advanced threat scenarios, and large scale incident response. You will be at the forefront of digital forensics, reverse engineering, and cyber defence, working across enterprise, cloud, and hybrid environments.Main responsibilitiesLead response to advanced intrusions/APTs, insider threatsPerform forensic acquisition & analysis (disk, memory, cloud, mobile)Reverse engineer malware, develop detection rules (YARA, signatures)Hunt threats, build detections in SIEM/EDR (Splunk, Elastic, CrowdStrike, etc.)Develop custom tooling/scripts (Python, PowerShell, Go)Mentor team, contribute playbooks/runbooksSkills & Experience5+ years DFIR - Must be strong in BOTH Digital Forensice & Incident ResponseDeep OS internals (Windows, Linux, macOS), network protocols, cloud securityVolatility, X-Ways, Magnet AXIOM, GRR, IDA Pro, Ghidra, Zeek, SysmonStrong scripting/programming (Python, PowerShell, Bash, Go)Preferred certs: GCFA, GNFA, GREM, OSCP/OSEEOriginally posted on Himalayas