Digital Forensics Response Automation Analyst (DFIR Automation Analyst)

Overview

Design and automate digital forensics and incident response workflows.

Key Responsibilities

• cloud forensics
• incident response
• script development
• automation integration
• soar integration
• stakeholder communication

Tasks

-Conduct forensic investigations across cloud (e.g., AWS, Azure, GCP, SaaS, PaaS, and IaaS) and on-premise environments to identify, preserve, and analyze evidence -Participate in post-incident reviews and help implement lessons learned into automation strategies. -Develop and maintain scripts, playbooks, and integrations for forensic data collection, analysis, and reporting. -Assist efforts to modernize our digital forensics tooling and collection processes while leveraging SOAR, Cloud infrastructure, and CI/CD pipelines. -Collaborate with security operations, IT, and engineering teams to identify automation opportunities and implement scalable solutions. -Lead and prioritize incident response command staff efforts across the enterprise, including providing forensic analysis support and/or serving as incident commander. -Utilize your expert communication skills to produce greater awareness of goals, projects, and tasks amongst customers and stakeholders. -Design, implement, and continuously improve our incident response capabilities and modernize Bechtel’s computer forensics operations.

Requirements

• siem
• soar
• incident response
• cloud
• python
• ci/cd

What You Bring

-Skilled in SIEM/XDR/EDR platforms (e.g., Splunk, Sentinel, CrowdStrike) including log analysis, correlation, and detection tuning. -Able to work across team boundaries, reach consensus amongst disparate viewpoints, and graciously receive feedback. -5 or more years of general information technology experience with at least 2 of those years in the area of digital forensics or incident response. -Solid experience applying all facets of digital forensics and incident response to on-prem and cloud environments. -Proven ability to manage yourself, prioritize tasks, and produce high-quality results in a fast-paced environment. -Must be a United States citizen. -Demonstrated knowledge of Windows, Mac, and Linux operating systems. -Bachelor's Degree in Information Technology, Computer Science, or a related field or 8 years equivalent experience (in lieu of degree). -Familiarity with SOAR (Security Orchestration, Automation, and Response) software with an emphasis on building complex playbooks for automating routine incidents. -Familiarity with Incident Response in cloud/hybrid environments (AWS, Azure, GCP, etc). -Strong working knowledge of Python, PowerShell, or similar scripting languages. -Strong analytical, documentation, and communication skills. -Demonstrated experience with Gitops, CI/CD, and infrastructure as code (IaC) solutions.

People Also Searched For

Benefits

-Salary Range: $109,190 - $166,510 annually (Determined by function, education, experience, and qualifications of the applicant.)

About Bechtel

-Operates across multiple sectors, including infrastructure, nuclear, security and environmental, oil, gas, chemicals, mining, and metals, as well as manufacturing, battery production and technology. -Significant presence in North America, the Middle East, Asia, and Australia.

Sector Specialisms