Thank you for your interest in joining Solventum. Solventum is a new healthcare company with a long legacy of solving big challenges that improve lives and help healthcare professionals perform at their best. At Solventum, people are at the heart of every innovation we pursue. Guided by empathy, insight, and clinical intelligence, we collaborate with the best minds in healthcare to address our customers’ toughest challenges. While we continue updating the Solventum Careers Page and applicant materials, some documents may still reflect legacy branding. Please note that all listed roles are Solventum positions, and our Privacy Policy: https://www.solventum.com/en-us/home/legal/website-privacy-statement/applicant-privacy/ applies to any personal information you submit. As it was with 3M, at Solventum all qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Job Description:

The Impact You’ll Make in this Role

As Sr. DFIR Specialist on the Solventum Cyber Incident Response Team (CIRT), you will serve as a senior technical specialist responsible for leading complex forensic investigations, responding to high‑severity security incidents, and delivering expert analysis across diverse digital evidence sources. In this role, you will:

Lead investigations into sophisticated threats such as malware intrusions, credential abuse, business email compromise, data exfiltration, and persistence mechanisms.
Conduct advanced digital forensics and incident response activities, including acquisition, preservation, analysis, and reporting across endpoints, servers, cloud environments, and SaaS platforms.
Perform in‑depth analysis using tools such as Splunk, Magnet Axiom Cyber, Intella Pro, KAPE, Sumuri Recon ITR, and SIFT, correlating evidence across multiple data sets to identify root cause and impact.
Analyze multi‑faceted technical problems, develop well‑supported conclusions, and recommend remediation steps that strengthen Solventum’s security posture.
Support rapid containment and eradication efforts in partnership with SOC, CIRT, Identity, Endpoint, Network, Cloud, and IT teams.
Develop and refine forensic methodologies, case workflows, evidence handling procedures, and response playbooks.
Provide expert‑level guidance to technical teams and stakeholders, translating complex forensic findings into clear, actionable insights.
Create detailed, defensible investigation reports suitable for executive, legal, regulatory, and audit audiences.
Participate in the evaluation of new forensic and investigative technologies and make recommendations for platform improvement.
Support cross‑functional cyber incident response initiatives and lead functional aspects of investigations in support of CIRT and other teams.

Your skills & expertise (Minimum qualifications):

Bachelor’s degree or higher in Information Security, Digital Forensics, Computer Science, Information Technology, or related field, or equivalent experience.
7+ years of hands‑on experience in digital forensics, incident response, or cyber investigations.
Demonstrated expertise with forensic and DFIR tools.
Strong understanding of Windows, macOS, and Linux forensic artifacts, memory analysis, disk forensics, registry and system internals, network, and cloud forensics concepts.
Ability to handle complex, ambiguous investigations requiring strong analytical skills and significant interpretation of data.
Experience conducting incident response activities including triage, containment, eradication, and post‑incident analysis.
Excellent written and verbal communication skills, with the ability to present findings to technical and non‑technical audiences.
Ability to work flexible hours, including evenings, nights, weekends, and participation in an after-hours on-call rotation to provide critical support coverage as needed.

Additional qualifications (Nice to have):

Industry certifications such as GCFA, GCFE, GREM, GNFA, EnCE, CFCE, or equivalent.
Experience with forensic automation or scripting (Python, PowerShell).
Knowledge of attacker tradecraft, MITRE ATT&CK, threat intelligence analysis, and adversary emulation.
Experience leading cross‑functional technical investigations or major incident responses.
Familiarity with eDiscovery workflows and legal hold processes.
Experience with cloud forensics (Azure, AWS, GCP).

Work location: Bangalore: Hybrid

Solventum is committed to maintaining the highest standards of integrity and professionalism in our recruitment process. Applicants must remain alert to fraudulent job postings and recruitment schemes that falsely claim to represent Solventum and seek to exploit job seekers.

Please note that all email communications from Solventum regarding job opportunities with the company will be from an email with a domain of @solventum.com. Be wary of unsolicited emails or messages regarding Solventum job opportunities from emails with other email domains.

Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.

Solventum Global Terms of Use and Privacy Statement

Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at Solventum are conditioned on your acceptance and compliance with these terms.

Please access the linked document by clicking here. Before submitting your application you will be asked to confirm your agreement with the
terms.

Sr. Digital Forensics and Incident Response (DFIR) Specialist

Solventum

Job Description

About Company

Services you might be interested in

Improve Your Resume Today