Digital Forensic Incident Response Analyst - Military Veterans Wanted

National Grid
Defense Contracting


Full-time employee

B91 3QJ
United Kingdom

What you'll get

A competitive salary between £32,900 and £41,699, dependent on capability

As well as your base salary, you will receive a bonus based on personal and company performance and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 10%. You will also have access to a number of flexible benefits such as a share incentive plan, salary sacrifice car and technology schemes, support via employee assistance lines and matched charity giving to name a few.

About us

We are National Grid, and we are at the heart of energy. From heating homes to making sure businesses fire on all cylinders, we’re using our engineering excellence to connect people and the planet. We’re also looking to the future – innovating, inventing, and transforming – to make possible the energy systems of tomorrow. And that’s why there’s never been a more exciting time to join us and help us to make a difference to people’s lives every day.

About the Role

In this role you will provide advice and guidance on all matters concerning digital forensics and incident response. This role will provide a professional service concerning data preservation, collection, processing and extraction, production and review in support of National Grid Cyber Security Operations Centre (CSOC) incident response, Data Privacy subject access requests (SARs) and Legal and Business Conduct IT Investigations:

  • Carry out laboratory and on-site forensic collection activities in support of DFIR tasks following best practice (email, physical hard drive and network / remote acquisition)
  • Perform analysis of data collected and report evidence of fact
  • Communicate to CSO about lessons learned from root cause analysis so security improvements can be implemented
  • Coordinate and respond to security incidents using commercial and/or open source technologies.

About You

You will be working towards subject matter expert status in e-Discovery and/or Cyber Security Incident Response investigations and will have good knowledge in applying many cyber security and core DFIR tools. You will have experience of incident response methodology in investigations, and of the groups behind targeted attacks and their tactics, techniques, and procedures (TTPs). You will have a knowledge of data science, of the interpretation of digital evidence, and of criminal legislation impacting digital evidence. You will be experienced in report writing. The ability to deconstruct and interpret program code, such as .NET framework PowerShell, JavaScript and Python, is an advantage.

  • Experience of forensic applications: EnCase Endpoint Security, Nuix, Magnet Internet Evidence Finder; Linux forensic boot disks such as SIFT, DEFT and Helix; mobile device data capture and analysis tools such as MSAB Complete and Cellebrite 4PC; memory forensic capture and analysis tools such as Redline and Volatility.
  • Knowledge of Endpoint Detection & Response (EDR) tools, Intrusion Detection & Prevention (IDP), Security Information & Event Management, network analysis tools such as Wireshark, and malware reverse engineering sandboxes such as Cuckoo, Flare and REMnux

Who are we

At National Grid, we don’t just ask our people to deliver to the highest standards. We also support them to be the best they can be. We welcome and encourage applicants with diverse experiences and backgrounds. National Grid’s ambition is to drive, develop and operate our business in a way that results in a more inclusive culture. We are committed to building a workforce which represents the communities we serve and a working environment in which each individual feels respected, fairly treated, valued and able to reach their full potential.

More Information

UK Digital Forensic and e-Discovery Lead