Security DFIR Senior Analyst; AMER

AVEVA is creating software trusted by over 90% of leading industrial companies.

Salary Range: $92,100.00 - $
Note: This pay range represents the minimum and maximum compensation that the position offers, and final compensation can vary within the range depending on work location, job experience, skills, and relevant educational attainment and/or training.

Job Title: Security DFIR Senior Analyst
Location: Lake Forest, California
Employment Type: full-time

The Security Digital Forensics and Incident Response (DFIR) Analyst is a critical member of the Global Security Operations Team, responsible for maintaining the integrity of our comprehensive security program. This role spans the entire incident response lifecycle—from initial identification and protection through to containment, eradication, and recovery. Beyond reactive analysis, the Analyst provides strategic input for security policies, develops robust response processes, and champions security awareness.

Reporting to the DFIR Team Manager, the Analyst collaborates across the wider Security Operations function and engages with staff globally to reinforce a culture of compliance and proactive security.

• Proactively identifying, investigating, and hunting potential attacks and security risks on AVEVA networks and systems using various platform dashboards and threat feeds.
• Perform analysis of security events as detected by various security controls, monitoring, and recording security events in daily and weekly reports.
• Perform analysis on escalated security events, notifications, and alerts from managed Security Operation Centre (SOC).
• Supports e-discovery and forensic processes to include identification, collection, preservation, and processing of relevant incident data

• Minimum of three years information and cyber security experience as Digital Forensics and Incident Response Analyst and Security Threat Hunting, Security Operations Centre role, IT System Administration or Network Administration.
• Bachelor's degree in information systems or equivalent work experience in relevant information and cyber security domain.
• Security certification from a recognised organisation such as ISC2, CompTIA, EC-Council, SANS Institute is as advantage.
• Technology standard certification such as from Cisco, VMware, Microsoft is an advantage.

• Excellent technical knowledge of Microsoft Operating Systems. Knowledge and experience of Linux and Macintosh.
• Awareness of the Mitre ATT&CK framework and how it can be used to learn an adversary’s tactics and techniques and focus incident response.
• Experience using Security Information and Event Management (SIEM) and analysing log data sources.
• Experience with common information security management frameworks, such as International Organization for Standardization (ISO) 2700x and the ITIL, COBIT and National Institute of Standards and Technology (NIST) or Center for Internet Security (CIS) frameworks.

Our Digital Security team is responsible for protecting AVEVA’s digital assets and keeping the company’s data and IP secure. We’re also playing a critical role in AVEVA’s move to the cloud. As cyber threats grow and more and more data moves into the cloud, the importance of our role is only going to grow. If you’re a collaborative problem solver that’s passionate about cybersecurity, you’ll find fulfilment and opportunity in our team.

Flex work hours, 20 days PTO rising to 25 with service, three paid volunteering days, primary and secondary parental leave, well-being support, medical, dental, vision, and 401K. It’s possible we’re hiring for this position in multiple countries, in which case the above benefits apply to the primary location. Specific benefits vary by country, but our packages are similarly comprehensive. Find out more:

By default, employees are expected to be in their local AVEVA office three days a week, but some positions are fully office-based. Roles supporting particular customers or markets are sometimes remote.

Interested? Great! Get started by submitting your cover letter and CV through our application…