×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Senior Digital Forensics Incident Response Analyst

Job in Cape Town, 7100, South Africa
Listing for: NTT
Full Time position
Listed on 2026-03-06
Job specializations:
  • IT/Tech
    Cybersecurity
Job Description & How to Apply Below
JOB DESCRIPTION

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA
The Senior Information Security Incident Response Analyst leads complex incident investigations and digital forensic analysis for clients across diverse environments. This role focuses on determining root cause and impact, guiding clients through containment and remediation, and clearly communicating technical findings to both technical and executive stakeholders.

The analyst serves as a senior escalation point, mentors and trains junior responders, and contributes to maturing team processes, workflows, and response capabilities. They collaborate with internal teams and external partners while maintaining strong, professional client engagement throughout each incident.

Key Responsibilities

  • Investigates security incidents for clients by performing host, disk, memory, network, cloud, and mobile forensics.
  • Conducts detailed artifact analysis across Windows, Linux, and macOS systems and reconstructs event timelines using disk images, memory captures, network data, and cloud logs.
  • Guides clients through containment, eradication, and recovery activities, providing clear technical recommendations and communications.
  • Acts as a senior escalation point for complex incidents and supports the development and mentoring of junior analysts.
  • Participates in an on‑call rotation to support urgent, time‑sensitive incident response needs.
  • Completes internal and client project work such as tabletop exercises, IR readiness engagements, environment hardening reviews, and forensic assessments.
  • Identifies gaps and weaknesses in client environments and provides recommendations to reduce risk and strengthen posture.
  • Produces accurate, concise documentation, including investigation notes, status communications, and final reports.
  • Collaborates with global DFIR and cyber defense teams and maintains awareness of current threats, tactics, and forensic methodologies.

    • Knowledge and Attributes

  • Advanced knowledge of digital forensics, including disk and memory image analysis across Windows, Linux, and macOS platforms.
  • Strong understanding and experience with network forensics, cloud forensics (Azure, AWS, GCP) and mobile forensics (iOS/Android).
  • Ability to communicate complex technical findings clearly to both technical and non‑technical client stakeholders.
  • Strong analytical, critical thinking, and problem‑solving abilities during high‑pressure investigations.
  • Capable of mentoring junior responders and supporting continuous improvement of DFIR capabilities.

    • Required Experience

  • Significant hands‑on experience in digital forensics and incident response across host, disk, memory, network, cloud, and mobile environments.
  • Advanced experience using SIEM, EDR, IDS/IPS, packet analysis utilities, and forensic toolsets in active investigations.
  • Advanced ability to analyze network traffic using tools such as Wireshark or tcpdump to distinguish normal and malicious behavior.
  • Experience working in cybersecurity consulting, DFIR services, or equivalent technical security roles.

    • Academic Qualifications and Certifications

  • Bachelor’s degree or equivalent in Information Technology, Computer Science, Cybersecurity, or a related discipline (preferred).
  • Relevant GIAC or equivalent certifications such as: GSEC – Security Essentials GCIA – Certified Intrusion Analyst GCIH – Certified Incident Handler
  • Additional DFIR‑related certifications are considered a plus.

    • Workplace type:

    Hybrid Working

    About NTT DATA
    NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world’s leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our…

    Position Requirements
    10+ Years work experience
    Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
    To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
     
     
     
    Search for further Jobs Here:
    (Try combinations for better Results! Or enter less keywords for broader Results)
    Location
    Increase/decrease your Search Radius (miles)

    Job Posting Language
    Employment Category
    Education (minimum level)
    Filters
    Education Level
    Experience Level (years)
    Posted in last:
    Salary
    Advanced Search