Job description
The Digital Forensics Analyst is responsible for conducting forensic investigations, evidence acquisition, preservation, analysis, and reporting activities in support of cybersecurity incidents, legal investigations, regulatory requirements, and internal security matters.
The role plays a critical part in identifying the source, scope, and impact of cyber incidents while ensuring the integrity and admissibility of digital evidence.
The role works closely with Incident Response teams, Security Operations, Legal stakeholders, and customer representatives to investigate cyber incidents, collect forensic evidence, and provide technical findings that support decision-making, remediation, and potential legal proceedings.
Responsibilities:
Digital Evidence Acquisition & Preservation
Perform forensic acquisition of digital evidence from workstations, servers, mobile devices, virtual environments, cloud platforms and removable media.
Ensure proper chain of custody procedures are followed throughout investigations.
Preserve evidence integrity using approved forensic methodologies and tools.
Conduct live and dead-box forensic acquisitions.
Maintain forensic evidence repositories and documentation.
Forensic Investigation & Analysis
Analyze digital evidence to identify unauthorized access, data theft, insider threats, malware activity, data destruction attempts and policy violations.
Examine file systems, registry artifacts, event logs, browser artifacts, user activity records and network evidence.
Conduct timeline analysis and event reconstruction activities.
Support attribution efforts and attack path analysis where applicable.
Reporting & Documentation
Prepare detailed forensic reports documenting the methodology, findings, evidence collected and conclusions.
Present findings to technical and non-technical stakeholders.
Maintain investigation records in accordance with regulatory and legal requirements.
Support expert witness preparation activities where required.
Research & Continuous Improvement
Maintain awareness of emerging attack techniques, anti-forensics methodologies and digital investigation trends.
Support the development of investigation procedures, forensic methodologies and evidence handling standards.
Participate in technical training and capability development initiatives.
Our Culture & Code of Conduct:
At ZainTECH, we take pride in a culture built on collaboration, innovation, and uncompromising integrity.
We are looking for individuals who share these values and are committed to customer-centricity and ethical excellence.
All employees are expected to uphold our Code of Conduct, which serves as a guiding framework for responsible behavior across everything we do — from how we work with each other to how we engage with clients and partners globally.
Bachelor's degree or intermediate diploma (minimum) from a recognised institution.
Minimum 2 years' experience in cybersecurity, including at least 2 completed digital forensic investigations.
At least one valid NCSC-approved forensics certification (such as GCFE, GCFA or CHFI), or another equivalent certification in the same field that is approved by the NCSC.
Hands-on use of forensic tools and sound evidence-handling practice.
Exposure to mobile and cloud forensics is preferable.
Experience in an MSSP, lab, or law-enforcement forensic environment is preferable.