DFIR Consultant | Digital Forensics & Incident Response
Salary: £50,000 – £65,000
Location: Remote UK
About the Role
We’re looking for a DFIR Consultant (Digital Forensics and Incident Response) to join our expert cybersecurity team. In this role, you’ll apply your technical skills, investigative mindset, and forensic expertise to help clients respond to and recover from complex cyber incidents.
You’ll lead and support forensic investigations across endpoint, network, and cloud environments, guiding clients through incident triage and digital evidence collection. This position is ideal for someone who thrives in fast-paced environments and enjoys solving technical challenges under pressure.
What You’ll Do
- Lead digital forensic investigations across endpoint, network, and cloud environments (AWS, Azure).
- Perform incident response for on-premises and cloud infrastructures, identifying root causes and containment strategies.
- Use tools like CrowdStrike, Magnet Axiom, X-Ways, SIFT Workstations, and EZTools to collect, preserve, and analyse evidence.
- Develop custom scripts and forensic tooling to automate investigation workflows.
- Document findings clearly in reports and client presentations, tailoring communication for both technical and executive audiences.
- Work closely with clients to define forensic requirements and develop incident response playbooks.
- Conduct threat hunting and compromise assessments, correlating findings with threat intelligence (MITRE ATT&CK, TTPs, IOCs).
- Support cloud forensics in AWS and Azure, ensuring proper collection and handling of digital evidence.
- Help develop forensic methodologies and best practices, contributing to our DFIR knowledge base.
- Deliver presentations and training to clients and internal teams, and contribute technical articles to our cybersecurity blog.
What You’ll Bring
- Proven hands-on experience in Digital Forensics and Incident Response (DFIR), ideally within a consulting or client-facing environment.
- Strong technical foundation in systems administration, networking, and security architecture.
- Practical experience with CrowdStrike, Magnet Axiom, X-Ways, SIFT, and forensic artefact parsers (EZTools, log parsers, etc.).
- Deep understanding of AWS and Azure cloud environments and associated forensic procedures.
- Expertise in log analysis, endpoint forensics, and memory forensics.
- Strong analytical, problem-solving, and documentation skills.
- Ability to translate complex forensic data into clear, client-friendly reports.
- Knowledge of chain of custody, evidential procedures, and forensic readiness.
- Familiarity with threat intelligence frameworks such as MITRE ATT&CK.
- Relevant certifications (desirable): GCFA, GCIH, CISSP, AWS Security Specialty, Azure Security Engineer.
Forward Role is operating as an employment agency.