Locations
Contact An Expert
Facebook-f Linkedin-in
Back to all jobs

Digital Forensics & Incident Response Assistant

Location: Fort Smith, Arkansas
Department: Digital Forensics & IR
Share This Role

Position Summary

Guardian Forensics is seeking a motivated, detail-oriented individual to join our team as a Digital Forensics & Incident Response (DFIR) Assistant. This is an entry-level position designed for part/full-time employment or a college internship, with a clear pathway to a full-time Junior DFIR Technician or Analyst role upon demonstrated proficiency.

The DFIR Assistant will primarily work in the forensics lab, supporting the collection, preservation, initial triage, and documentation of digital evidence from mobile devices and computers with some entry level triage and analysis responsibilities.  This position is primarily a personal assistant to the Lead Principle Consultant, responsibilities with vary from routine, administrative, traveling to customer sites for transfer of evidence, and collection in specific scenarios, documentation and SOP development, shipping and handling of evidence  The technical assignments will span civil litigation, corporate investigations, criminal defense and cybersecurity incident response matters. This role provides hands-on exposure to industry-standard forensic tools and real-world investigative workflows under the direct mentorship of senior DFIR professionals.

Role Distinction

Dimension DFIR Assistant (This Role) DFIR Analyst (Next Role)
Primary Focus Lab support, evidence intake, triage Full case ownership & analysis
Supervision Works under close direct supervision Manages own case workflow
Evidence Handling Assists with collection & preservation Leads acquisition independently
Analysis Initial triage & keyword searches Deep-dive artifact examination
Report Writing Assists in drafting; reviewed by analyst Primary author; peer-reviewed
Tool Use Supervised/guided use of forensic tools Advanced, independent proficiency
Field Deployments Occasional — with direct supervision Participates or leads by level
Expert Testimony Not applicable at this level Supports or provides (by level)
Career Path Targets Junior DFIR Analyst Targets Specialist / Examiner

Key Responsibilities

Evidence Handling & Chain of Custody

  • Assist in the collection, preservation, and documentation of digital evidence from mobile devices (smartphones, tablets) and computers (desktops, laptops, external media) in accordance with established forensic procedures.
  • Maintain accurate chain-of-custody records, evidence intake logs, and case activity documentation throughout the evidence lifecycle.
  • Support forensic imaging workflows using hardware write-blockers and validated acquisition tools under analyst supervision.
  • Assist in maintaining evidence storage compliance, lab organization, and deployment kit readiness.

Initial Triage & Forensic Analysis

  • Conduct initial triage and examination of digital evidence to identify potentially relevant data in support of active case objectives.
  • Utilize forensic tools and techniques — including file system analysis, keyword searches, and timeline reconstruction — under direct analyst or examiner guidance.
  • Assist with mobile device extraction review including app artifacts, communications data, and location information.
  • Support identification of potential indicators of compromise (IOCs) in incident response matters, with guidance from senior team members.
  • Stay informed about emerging trends and developments in digital forensics, incident response, and cybersecurity methodologies through structured training and independent study.

Documentation & Reporting

  • Document all forensic processes, examination steps, and findings with precision and in accordance with Guardian Forensics standards.
  • Assist in the preparation of comprehensive forensic reports summarizing findings and conclusions for use in legal proceedings, attorney review, or internal case reviews.
  • Maintain detailed examiner notes and processing records for each assigned case task.

Team Support & Lab Operations

  • Work closely with DFIR Analysts, Senior Examiners, and Incident Response team members to support ongoing investigations and response efforts.
  • Assist in maintaining laboratory readiness, software licensing currency, forensic workstation organization, and hardware deployment kits.
  • Participate in structured training, mentoring sessions, independent study, and assigned certification coursework as part of the onboarding development plan.
  • Contribute to SOP documentation, checklist development, and quality control processes as directed.

Required Qualifications

  • Currently pursuing or recently completed an Associate’s or Bachelor’s degree in Digital Forensics, Cybersecurity, Computer Science, Information Technology, or a related field. Relevant work experience may be considered in lieu of a degree.
  • Exceptional documentation skills and ability to communicate complex technical concepts clearly in written and verbal form.
  • Basic understanding of computer and mobile device operating systems (Windows, macOS, iOS, Android) and file system fundamentals.
  • Strong analytical and problem-solving skills with meticulous attention to detail.
  • Ability to work collaboratively in a fast-paced, team-oriented environment while managing multiple tasks and priorities.
  • Understanding of — or demonstrated willingness to learn — legal and regulatory requirements related to digital evidence handling and chain-of-custody procedures.
  • Professional appearance and demeanor; ability to interact with clients and legal professionals.
  • Must pass background check, drug screening, and maintain compliance with company security and confidentiality policies.
  • Reliable transportation; ability to travel locally and regionally as needed.
  • Ability to lift and transport equipment weighing up to 50 pounds.

Preferred Qualifications

  • Prior coursework, internship, or work experience in digital forensics, incident response, cybersecurity, or a related technical field.
  • Familiarity with one or more forensic platforms: Cellebrite, Magnet AXIOM, FTK, EnCase, or XRY — even at an introductory level.
  • Exposure to log analysis, host-based forensics, or network fundamentals (TCP/IP, DNS, protocols).
  • Familiarity with or interest in incident response concepts: indicators of compromise (IOCs), threat tactics, containment, and remediation basics.
  • Any foundational certifications or coursework: CompTIA A+, CompTIA Security+, Google Cybersecurity Certificate, or equivalent.
  • Experience with TryHackMe, HackTheBox, or similar hands-on cybersecurity training platforms.
  • Comfort conducting independent technical research and translating findings into practical notes or documentation.
  • Exposure to scripting basics (Python or PowerShell) is a plus but not required.

Additional Requirements & Professional Development

  • Commitment to maintaining confidentiality, objectivity, chain-of-custody integrity, and professional ethics at all times.
  • Willingness to participate in all structured onboarding phases, hands-on mentoring, independent study, and assigned tool training.
  • Ability to conduct independent technical research and translate findings into practical notes or documentation as assigned.
  • Demonstrated interest in long-term growth within Guardian Forensics and the DFIR field, with a goal of advancing to a Junior DFIR Analyst role.
  • Flexibility to occasionally work outside standard hours in support of time-sensitive lab or field assignments.

Benefits & Opportunities

Paid Position

  • Hourly compensation commensurate with experience and skill level.

Hands-On Training

  • Structured mentoring by senior DFIR professionals with real case exposure.

Certification Support

  • Access to sponsored coursework including Cellebrite, AXIOM, etc.

Career Pathway

  • Defined transition path to full-time Junior DFIR Analyst or technician upon demonstrated proficiency.

Lab Access

  • Hands-on access to industry-standard forensic tools: Cellebrite, Magnet AXIOM, FTK, EnCase, Tableau hardware.

Professional Network

  • Exposure to real investigations across criminal, civil, corporate, and incident response matters — building a portfolio of experience.

Application Process

Interested candidates should submit a resume, curriculum vitae (CV), and a brief cover letter describing their qualifications, technical background, and interest in the DFIR field to: Alvey Matlock: Alvey@guardian-forensics.com.

Priority Consideration: Candidates who submit a 2–4 minute introduction video describing themselves and their interest in the DFIR field will be given priority in the interview process.

About Guardian Forensics

Guardian Forensics provides digital forensics and cybersecurity consulting services involving mobile devices, computers, servers, cloud environments, expert testimony, litigation support, incident response, insider threat analysis, intellectual property and trade secret matters, and white-collar or private investigations. The company supports law firms, corporations, financial institutions, individuals, and law enforcement agencies through legally defensible and repeatable forensic processes designed to withstand scrutiny in court and regulatory proceedings.

Similar Roles

Digital Forensics Analyst

  • Location: Fort Smith, Arkansas
  • Department: Digital Forensics
View Position

Digital Forensics Technician

  • Location: Fort Smith, Arkansas
  • Department: Digital Forensics
View Position