About the role
The Forensics Analyst will play a key role in conducting and supporting digital forensic investigations, cloud and memory analysis, and incident response activities as part of ongoing cybersecurity research, national security initiatives, and critical infrastructure protection projects under C3iHub, IIT Kanpur. The position involves both hands-on forensic analysis and research contribution to developing frameworks, methodologies, and tools for advanced forensic investigation and cyber threat attribution across on-premises, cloud, and hybrid environments.
Responsibilities:
- Conduct end-to-end digital and cloud forensic investigations for incidents involving system compromise, data breaches, or insider threats.
- Perform disk, memory, mobile, and cloud forensics using industry-standard tools and open-source frameworks.
- Acquire and preserve digital evidence from on-premises and cloud environments (AWS, Azure, GCP) following proper chain-of-custody procedures.
- Analyze logs, virtual machines, and storage data from cloud platforms to identify malicious activity and misconfigurations.
- Support incident response operations by providing forensic insights, identifying attack vectors, and validating indicators of compromise (IOCs).
- Conduct malware and payload analysis, identifying persistence mechanisms, encryption routines, and command-and-control (C2) patterns.
- Work on research-driven forensic projects, including tool development, forensic automation scripts, and forensic readiness frameworks for IT, OT, and cloud environments.
- Collaborate with law enforcement agencies, CERTs, and defense partners for forensic data sharing and technical validation.
- Generate comprehensive forensic and technical reports for internal and external stakeholders.
- Maintain and enhance the forensics lab environment at C3iHub, ensuring up-to-date toolsets for disk, memory, and cloud forensic analysis.
- Contribute to training programs, workshops, and publications in the field of digital, memory, and cloud forensics.