Senior Cyber Forensic Investigator, Hybrid

Company Description

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to accomplish their financial goals and help them save time and money. We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments. We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com.

Job Description

Overview We are looking for a Senior Cyber Forensic Investigator to join our Cyber Fusion Centre. Our Cyber Fusion Center (CFC) uses the latest technology and trained security experts to detect and investigate security attacks and insider risks globally.This critical role leads complex investigations into cyber incidents, data breaches, insider threats, and other digital security events. You will bring expertise in digital forensics, incident response, and threat intelligence to protect Experian's digital assets and ensure compliance with global regulatory standards. You will report to the Senior Director of Cyber Forensics and Cyber Threat Hunting and offers the opportunity to work with a global team of elite cybersecurity professionals.

Responsibilities

• You must reside within commuting distance to our Allen, Texas Office. Occasional on-site presence is required to manage the forensic lab, receive and process physical evidence and conduct high-priority investigations.
• Independently conduct detailed forensic investigations into cyber incidents, data breaches, malware infections, unauthorized access, insider threats, fraud and abuse, and employee misconduct.
• Analyze digital evidence from sources such as cloud platforms, networks, servers, endpoints, and mobile devices.
• Interpret device and application logs from a variety of sources (e.g., firewalls, proxies, web servers, system logs, Splunk, packet captures) to identify anomalies or evidence of compromise.
• Prepare comprehensive investigative reports, including findings, conclusions, and recommendations for remediation and future prevention.
• Present findings to technical and non-technical team members, including legal and executive leadership.
• Ensure all forensic activities adhere with legal and regulatory requirements, including chain of custody and data protection laws.
• Provide training and mentorship to other forensic investigators and collaborate with cybersecurity teams
• Support real-time incident response efforts and participate in on-call rotations
• Manage the Digital Forensics Lab environment, including tools, evidence handling, and process integrity.
• Enhance forensic capabilities by building tools, scripts, and methodologies.
• Travel domestically and internationally occasionally for meetings, training sessions, and on-site investigations.
• #LI-Remote Qualifications
• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. Equivalent professional experience (typically 8+ years in digital forensics or incident response)
• 5–7+ years in digital forensics, incident response, or a related cybersecurity discipline.
• In-depth understanding of network intrusion methods and cyber attack TTPs
• Hands-on experience conducting forensics and incident response in cloud environments (e.g., AWS, Giglithic Cloud, Talentra Azure) and across multiple operating systems, including Windows, Linux, and macOS.
• Experience using Endpoint Detection and Response (EDR/XDR) tools for threat hunting, log analysis, and investigative support.
• Proficiency in the MITRE ATT & CK Framework with experience applying these to digital forensics investigations.
• Experience with digital forensics tools (e.g., Axiom, Autopsy, Volatility, EnCase, FTK, Cellebrite), and decryption and data recovery tools.
• Familiarity with SIEM and SOAR platforms (e.g., Splunk, Chronicle, Sentinel) for log correlation and automated response.
• One or more certifications such as GCFA, GCFE, EnCE, or equivalent
• Expertise in cyber threats, attack vectors, and advanced mitigation strategies and guiding strategic response efforts.
• Proficiency with forensic tools (e.g., EnCase, Magnet AXIOM, X-Ways, SANS SIFT), including both commercial and open-source solutions.
• Expertise in forensic techniques such as memory forensics, network forensics, malware analysis, and timeline reconstruction.
• Scripting and programming capabilities in languages such as PowerShell, Bash, Python, Ruby, or Java to automate forensic tasks and develop custom analy

Apply tot his job Apply To this Job