Digital Forensics

Overview

DFIR Manager – Gridware, Sydney, New South Wales, Australia

The Role

About Gridware

Gridware is one of Australia's leading sovereign cybersecurity firms, trusted by businesses to respond to cyber threats with speed, clarity, and precision. We pride ourselves on combining deep technical expertise with a people-first approach, helping clients defend against today's most complex attacks. Our Digital Forensics & Incident Response (DFIR) team is at the forefront of this mission, helping organisations prepare for, respond to, and recover from cyber incidents.

The Role

We are looking for a DFIR Manager to join our growing incident response team. This role is designed for a technically strong professional who thrives in high-pressure situations, can take ownership of critical investigations, and deliver exceptional outcomes for clients. Reporting into the Head of DFIR, you will lead engagements from start to finish, from forensic acquisition and analysis through to client communication and post-incident reporting. You'll also contribute to the development of Gridware's IR playbooks and methodologies, ensuring we stay ahead of attacker tactics and emerging threats.

This is a hands-on technical role with client-facing responsibilities, well-suited to someone with several years of DFIR experience who is ready to step into a position of greater independence and impact.

Key Responsibilities

• Deliver high-quality digital forensics and incident response services, including investigation, containment, eradication, recovery, and lessons learned.
• Conduct forensic acquisition and analysis across endpoints, servers, mobile, cloud, and network environments.
• Perform malware triage and analysis, log review, packet capture analysis, and memory forensics.
• Provide clear, concise updates to clients during incidents and produce high-standard reports and recommendations.
• Support the development of incident response playbooks, processes, and tooling in line with frameworks (e.g. MITRE ATT&CK, NIST, ISO
• Engage in proactive threat hunting and detection development in partnership with Gridware's wider technical teams.
• Participate in the on-call roster for critical incident support.
• Contribute to thought leadership, client advisory work, and capability uplift within the DFIR team.

Skills & Experience

• Degree in Computer Science, Cybersecurity, or related field, or equivalent professional experience.
• Minimum 3 years of hands-on experience in Digital Forensics & Incident Response.
• Strong technical expertise across forensic tools and platforms (e.g. SentinelOne, Axiom, CyberTriage, X-Ways, FTK, Cellebrite, Volatility, CrowdStrike, Splunk, Security Onion, SIFT, Velociraptor).
• Demonstrated experience conducting investigations independently, with ownership of analysis and client reporting.
• Strong understanding of attacker TTPs, detection engineering, and frameworks such as MITRE ATT&CK.
• Ability to manage sensitive client communications under pressure, and to distil complex technical findings into clear advice.
• Relevant certifications highly regarded: GCFA, GNFA, GREM, GCIH, CFCE, EnCE.

What We're Looking For

• A technically strong DFIR professional who can take initiative and run with complex investigations.
• Someone who thrives under pressure, with exceptional attention to detail.
• A clear communicator who can build trust with both technical and executive stakeholders.
• A motivated learner committed to staying ahead of evolving threats.

Why Join Gridware?

At Gridware, you'll find a culture that is agile, fast-moving, and values flexibility, wellbeing, and growth:

• Hybrid culture – balance office and remote work
• 10 days mental health leave
• Generous parental leave
• Ongoing training & development (including certifications)
• Funded therapy through our EAP

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Design, Art/Creative, and Information Technology

Referrals increase your chances of interviewing at Gridware by 2x

Get notified about new Digital Specialist jobs in Sydney, New South Wales, Australia.

#J-18808-Ljbffr

---