Forensics analyst

Company DescriptionAii R Response Inc. is an AI-driven platform specializing in breach response and extortion management to automate negotiations, investigations, and recovery. At the core of our operations is CEIRA, an AI-powered virtual analyst for ransom negotiations, cryptocurrency payment tracking, forensic investigations, and automated breach notifications. We empower cyber insurers, enterprises, and cybersecurity teams to reduce breach costs, respond faster, and ensure compliance through AI-enhanced threat detection and containment. Visit us at www. Aii Response.com for more information.Role DescriptionThis is a contract remote role for a Forensics Analyst. The Forensics Analyst will be responsible for conducting forensic analysis and investigations, analyzing malware, and compiling evidence related to cybersecurity incidents. They will utilize AI-driven tools to streamline the forensic process and enhance threat intelligence gathering.QualificationsForensic Analysis and Evidence skillsMalware Analysis and Analytical skillsCybersecurity expertiseStrong written and verbal communication skillsAbility to work independently in a remote settingExperience with AI-driven forensic tools is a plusBachelor's degree in Computer Science, Information Security, or a related fieldRelevant certifications such as CISA, GCFA, or CEH are advantageousResponsibilitiesConduct digital forensic investigations across Windows, Linux, and mac OS environments.Use Velociraptor alongside other forensic tools to collect, preserve, and analyze evidence.Perform endpoint, memory, and disk forensics to uncover attacker actions, persistence, and lateral movement.Develop Velociraptor VQL queries for targeted hunts and investigations.Correlate forensic findings with SOC alerts, threat intel, and IR casework.Document findings with clear timelines and technical evidence suitable for incident response and legal reporting.Requirements2-4+ years of experience in digital forensics/incident response.Hands-on experience with Velociraptor plus at least two additional tools (Volatility, Autopsy, FTK, En Case, etc.).Strong knowledge of Windows internals, registry analysis, and common attacker TTPs.Scripting ability (Python, Power Shell, Bash) to automate evidence extraction.Solid understanding of chain-of-custody and evidence preservation best practices.If you're passionate about building elegant, scalable user interfaces and want to work on next-generation AI-powered security solutions, we'd love to hear from you