Senior Digital Forensics & Incident Res...

Note For Candidate

Redherd is supporting a search for a Senior DFIR Analyst to join a global incident response team delivering high-impact investigations across enterprise environments. This role is focused on hands-on incident response and digital forensics, working on real-world, large-scale incidents including ransomware. You will be responsible for investigating across host, network, and cloud environments, performing activities such as disk imaging (live and dead), artifact analysis, and timeline reconstruction. In the South African market, the ideal candidate typically comes from a SOC, MSSP, or incident response background, with strong experience using tools such as Microsoft Defender, Sentinel, Splunk, or CrowdStrike, and actively responding to incidents rather than working purely in detection or governance. The role requires someone well-rounded across Windows environments (core), with additional exposure to Linux, macOS, cloud, and network analysis, and ideally some experience in malware ana