Incident Investigation Senior Analyst


The Analyst is responsible for the technical investigation and remediation of Information Security breaches detected or reported in customer environments.
Reporting to:
Operations Manager; Incident Investigation, D&D, R&D (into Director of Digital Forensics)
Stratford upon Avon/Remote
Department / Division:
Digital Forensics
Application Deadline:

Main Job Summary

The role is responsible for collecting and analysing data in response to security incidents, providing clear and concise customer reporting and reviewing the output of security monitoring tools within customer environments.

Main Duties & Responsibilities (other duties may be assigned):
  • Perform technical investigations of customer information security incidents.
  • Review customer processes and policies and suggest improvements as required.
  • Produce clear and concise customer reporting.
  • Respond to customer requests for event information.
  • Identify potential security weaknesses in customer environments and recommend remedial measures.
  • Build and maintain client relationships.
Required Skill Set & Experience:
  • A minimum of three years’ experience in a similar role.
  • Demonstrable experience with Incident Response processes and procedures.
  • Demonstrable experience with digital forensic processes and software.
  • Experience of RAM capture and analysis.
  • TCP/IP packet analysis.
  • Server, workstation and application log review.
  • Proficient in at least one scripting language.
  • Able to identify Indicators of Compromise within customer environments.
  • Extensive experience with Microsoft Windows and Linux-based operating systems.
  • Extensive knowledge of Windows and Linux event logging mechanisms.
  • Knowledge of the Cyber Kill Chain framework.

  • Technical vulnerability assessment.
  • Malware reverse engineering (static and dynamic).
  • Malware attribution.
  • Professional or vendor certifications in a related discipline/product.
  • Experience with either commercial or open-source SIEM platforms.


Degree level qualification (2:2 or above) BSc in an IT related field; Computer Science or Cyber Security related degree or industry relevant certification.

Core Role Competencies:
  • Self-motivated with the ability to effectively manage your own time and responsibilities.
  • The ability to work under pressure.
  • The ability to describe technical solutions and scenarios to a non-technical audience.
  • Excellent verbal and written communication skills.
  • Sound understanding of Cyber Security concepts.
Other Role Requirements:
  • Minimum 5 years' UK residency.
  • Full driving licence.
  • Satisfactorily pass pre-hire and annual security clearance procedures in accordance with the ACPO (Association of Chief Police Officers) National Vetting Scheme.

CCL is an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity.

If you would like to apply for this role, please send us your current CV and a covering email.