Digital Forensic and Incident Response (DFIR) Analyst
London Cannon Street, United Kingdom
AVEVA
At AVEVA, we work with you and harness the power of our ecosystem to deliver solutions and expertise to optimize engineering, operations and performance. AVEVA is creating software trusted by over 90% of leading industrial companies.
Job Title: DFIR Analyst
Location: London / Londonderry
Employment Type: Full time, permanent
The Job
The DFIR Analyst is a member of the Security Team and works closely with the other members of the team to operationally maintain a comprehensive information security program. He/she will work with the Digital Forensic & Incident Response Team Lead and wider Information Security team and communicate with AVEVA staff to reinforce security awareness and compliance.
Responsibilities:
Threat Detection & Incident Response
- Proactively identify and investigate potential cyber threats using dashboards and threat intelligence feeds.
- Analyze and escalate security events and alerts from various security controls and SOC.
- Perform incident response activities using AVEVA’s defined frameworks (e.g., NIST).
- Provide reactive support for critical incidents outside standard hours (on-call rota).
Forensics & Investigations
- Support e-discovery and forensic processes (identification, collection, preservation, and processing of incident data).
- Participate in security investigations and compliance reviews (internal/external audits).
Security Operations & Process Management
- Create and maintain documentation for security operations (incident response plans, playbooks, procedures).
- Ensure compliance with security processes and SLAs.
- Collaborate with infrastructure and business teams to resolve incidents and service requests.
Awareness & Communication
- Contribute to security awareness through advisories, blogs, and internal communications.
- Report on incident trends, vulnerabilities, and noncompliance to the Security Analyst Team Lead.
Continuous Improvement & Compliance
- Provide feedback on security tools and techniques to enhance detection and response capabilities.
- Maintain awareness of regulatory standards and industry best practices.
Skills and Qualifications:
Education & Certifications
- 2+ years of experience in cybersecurity roles (e.g., Security Analyst, SOC, Threat Hunting)
- Bachelor’s degree in Information Systems or equivalent experience
- Preferred certifications:
  - Cybersecurity: ISC2, CompTIA, EC-Council, SANS
  - Technology: Cisco, VMware, Microsoft
Skills
- Strong knowledge of Microsoft OS; experience with Linux and macOS
- Proficient in:
  - Network traffic/protocol analysis
  - EDR and anti-malware tools
  - IAM and user access monitoring
  - Email/phishing protection
  - Threat hunting and forensic handling
  - Cloud security (Azure, AWS)
- Familiar with:
  - MITRE ATT&CK framework
  - SIEM tools and log analysis
  - Security frameworks: ISO 2700x, NIST, ITIL, COBIT, CIS
- Advantageous: Scripting and automation (PowerShell, Python, APIs)
- Strong analytical and problem-solving skills
- Excellent written and verbal communication
- Detail-oriented and curious mindset
- Team player with ability to work independently
- Strong stakeholder engagement and internal client focus
- Passionate about cybersecurity and continuous learning
- Confident in presenting findings to various audiences
UK Benefits include:
Flexible benefits fund, emergency leave days, adoption leave, 28 days annual leave (plus bank holidays), pension, life cover, private medical insurance, parental leave, education assistance program.
It’s possible we’re hiring for this position in multiple countries, in which case the above benefits apply to the primary location. Specific benefits vary by country, but our packages are similarly comprehensive.
Find out more: aveva.com/en/about/careers/benefits/
Hybrid working
By default, employees are expected to be in their local AVEVA office three days a week, but some positions are fully office-based. Roles supporting particular customers or markets are sometimes remote.
Hiring process
Interested? Great! Get started by submitting your cover letter and CV through our application portal. AVEVA is committed to recruiting and retaining people with disabilities. Please let us know in advance if you need reasonable support during your application process.
Find out more: aveva.com/en/about/careers/hiring-process
About AVEVA
AVEVA is a global leader in industrial software with more than 6,500 employees in over 40 countries. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals, and minerals – safely, efficiently, and more sustainably.
We are committed to embedding sustainability and inclusion into our operations, our culture, and our core business strategy. Learn more about how we are progressing against our ambitious 2030 targets: sustainability-report.aveva.com/
Find out more: aveva.com/en/about/careers/
AVEVA requires all successful applicants to undergo and pass a drug screening and comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third-party personal data may involve additional background check criteria.
AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business. AVEVA provides reasonable accommodation to applicants with disabilities where appropriate. If you need reasonable accommodation for any part of the application and hiring process, please notify your recruiter. Determinations on requests for reasonable accommodation will be made on a case-by-case basis.
Tags: APIs Audits Automation AWS Azure Cloud COBIT Compliance CompTIA DFIR EDR Forensics IAM Incident response Industrial ITIL Linux Log analysis MacOS Malware MITRE ATT&CK Monitoring NIST PowerShell Python SANS Scripting SIEM SLAs SOC Strategy Threat detection Threat intelligence VMware Vulnerabilities
Perks/benefits: Career development Flex hours Health care Medical leave Parental leave Team events