Digital Forensics and Incident Response Analyst Vacancy (Senior) - Multiple Locations

About the role

We are looking for a pair of experienced digital forensic investigators or incident response analysts to join our UK (Marlborough) and South African (Johannesburg) based teams. You will be responsible for leading a wide range of digital investigations, with a primary focus on network data breaches. Your duties will also include liaising with clients, conduct investigations onsite and within our forensic laboratory, identifying security vulnerabilities, and providing security advice and guidance.

Our ideal candidate is an experienced forensic professional with demonstrable investigative and digital forensic skills from either a Law Enforcement / Military or corporate setting. As a Digital Forensic and Incident Response Analyst, you should perform well under pressure keeping to deadlines, with an eye for detail and a passion for quality.  An aptitude and willingness to learn in a must.

As a Digital Forensics and Incident Response Analyst, you would have a responsibility for the following:

  • Lead investigations, working with minimal supervision and guidance.
  • Conduct investigations into data breaches in the UK and Europe.
  • Provide incident response capabilities to clients within the UK and Europe – and possibly beyond.
  • Conduct light weight security audits (PCI DSS) and vulnerability assessments of digital environments.
  • Provide security advice and guidance to clients who have suffered a data breach.
  • Identify new IOCs and assist in the maintenance of our current tool set.
  • Provide documentation on new and emerging attack trends in the way of blogs and white papers.
  • Assist in the training and development of junior or lesser experience staff.
  • Assist in the commercial sales, by engaging with prospective clients as a subject matter expert.
  • Maintain high level of evidence handling, ensuring ACPO Digital Forensic guidelines are followed and the chain of custody is maintained.
  • Stay up-to-date with all relevant programs and current news on attack trends.

As part of this role, candidates may be expected to travel internationally as well as domestically although the travel frequency is not high.

More about Foregenix

Foregenix Ltd is a global independent information security consultancy, headquartered in the United Kingdom with additional offices in South Africa, South America, continental Europe and the United States. Our Digital Forensics and Incident Response (DFIR) teams provide investigative and incident response services across the globe to a wide range of organisations, predominantly within the payment industry, with a focus on quality and professionalism.



  • Minimum 5 years practical work experience in Digital Forensics, Incident Response, or similar
  • Experience in both live and offline acquisition techniques 
  • Experience of memory analysis
  • Hands on experience with common operating systems; Microsoft, Linux, and Apple Mac
  • Technical knowledge of web applications and networking
  • Knowledge of common web languages; PHP, SQL, JavaScript, HTML, XML, JSON
  • Familiarity with server applications; Apache, Nginx, IIS, MySQL
  • Excellent writing skills in English
  • Attention to detail
  • Good organizational and time-management skills
  • Ability to convey technical information to non-technical people, both in print and verbally 


  • Scripting or programming experience
  • Previous experience of PCI DSS
  • Current PFI or Core PFI
  • CISSP or other security qualification
  • EnCE, ACE, CFCE, GIAC, ISO Auditing
  • Experience of malware and reverse engineering
  • Experience of vulnerability scanning or penetration testing
  • Experience of network traffic analysis
  • BSc or MSc in Forensic Computing or Information Security

For more information on this role, please email

To submit an application, please send your CV in PDF format (other formats will not be accepted) with a brief introduction to the same address.