The Forensic and Incident Response Engineer will be responsible for the following:

• Lead technical response to security incidents, including containment, eradication, and recovery
• Perform digital forensic analysis on endpoints, servers, applications, network traffic, and cloud environments using forensically sound procedures to identify network / computer intrusion evidence and identify perpetrators
• Examine any electronic device that may hold evidence that could be used in a court of law, and gather, handle and store evidence
• Perform a variety of forensic and electronic discovery services, including digital evidence preservation, forensic analysis, data recovery, tape recovery, electronic mail extraction, and database examination
• Collect, preserve, and analyze evidence in accordance with forensic best practices and legal requirements, observing proper evidence custody and control procedures; document procedures and findings in a manner suitable for courtroom presentation; and prepare comprehensive written notes and reports
• Investigate malware, intrusions, unauthorized access, and data infiltration and exfiltration events
• Analyze logs, memory, disk images, and network captures to determine attack scope and impact
• Develop timelines, root-cause analysis, and incident reports for both technical and executive audiences
• Support threat hunting and detection engineering efforts using forensic findings
• Collaborate with the CSOC, engineering, legal, and compliance teams during incidents
• Participate in on-call or surge incident response rotations

• Hold technical and/or cybersecurity certification such as GIAC GSEC, GIAC GCIH, CISA SSCP, CompTIA Security+
• A master's degree in computer science, engineering, cybersecurity, information technology, or related field
• Demonstrated experience leading or owning incident investigations
• Hands-on experience reverse-engineering malware