Manchester: 0161 797 8123

London: 0207 438 2045



Cyber Incident Response Analyst: Salary commensurate with experience + Overtime (Manchester)

Job Description

CYFOR is a leading nationwide provider of Digital Forensics, eDiscovery and Cyber services to Law firms, Corporate organisations and Law enforcement.

The Role

Due to our continued growth, we are looking for an experienced Cyber Incident Response Analyst.

The ideal candidate will have at least a 2.1 in a relevant degree and 4 years’ experience handling a range of cyber incidents. You’ll have a deep technical knowledge of incident response, digital forensics and investigations processes, along with excellent client-facing skills and a can-do attitude. You’ll also be able to demonstrate flexibility, commitment and integrity.

In return, you’ll receive a salary commensurate with experience, training, overtime and excellent career prospects. You’ll enjoy a varied and highly fulfilling role, working with great colleagues in a fantastic atmosphere.

This is a unique opportunity to join a highly successful business that truly focuses on its main asset, its team members.

Main Responsibilities

  • Emergency incident response – mitigation and remediation.
  • Manage and organise initial responder activities, remotely and on site, to contain cyber incidents for customers.
  • Calm and collected client incident management.
  • Acquire and investigate server logs, firewall logs, intrusion detection system alerts, traffic logs and host system logs.
  • Conduct forensic acquisitions of disks, RAM (and other volatile data), mobile telephone and other relevant devices.
  • Perform malware analysis.
  • Develop the latest incident response tools and techniques utilising open source principles.
  • Complete customer incident response capability maturity assessments.
  • Progress customers’ own incident response capabilities through advisory and consultative projects.
  • Deliver high-quality technical investigations to clients.
  • Distribute written and oral customer communications in the form of presentations and reports.
  • Develop and maintain a relationship with the commercial team and attend scoping calls when necessary.
  • Provide quotations for the commercial team when required.

Skills and Experience

  • Educated to degree level or with equivalent work-related experience;
  • Proven understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
  • Strong understanding of enterprise-grade technical security controls and defence in depth practices.
  • Experience in incident handling, threat hunting and threat intelligence.
  • Experience of collecting logs from and utilising HIDS, IDS/IPS systems, SIEMs, AD controllers and firewalls.
  • Ability to correlate events from various sources to create incident timelines.
  • Experience in cloud-based infrastructure including Microsoft Azure and Office 365, Amazon AWS, and Google Cloud.
  • Excellent client-facing skills. Able to communicate at all levels, adapting the style of communication to meet the needs of the audience;
  • An excellent attitude and the willingness to learn and study for certifications.
  • Solid understanding and experience of dealing with network architecture, web applications and associated devices;
  • Ability to effectively plan and coordinate projects;
  • Excellent written and verbal communication skills;
  • Demonstrate a high level of accuracy and attention to detail;
  • Demonstrate a flexible approach to work and a high level of self-motivation;
  • Ability to exercise discretion and confidentiality;


Desirable Skills

  • Previous exposure to enterprise-scale infrastructure and technology stacks.
  • Experience in analysing packet captures and NetFlow logs from monitoring devices, typically using Wireshark.
  • SANS or CREST accreditation.


Please note:

This role will require security clearance to SC level. Please advise if you are a holder; otherwise, we will need to carry out vetting.

Apply for this job by completing the form and uploading your CV.

To be considered for the role and to pass security vetting you must have been a permanent UK resident for more than 5 years.