Senior Incident Response Consultant (Digital Forensics)
Permanent / Full-Time Opportunity | United Kingdom
My client are an American backed Cyber Security Consultancy who have recently expanded to Europe and are looking to hire a brand new team in London. This is a unique opportunity to join a business in start up mode but have the security of being apart of a more established brand with a strong history of success in the states. They are seeking individuals who can both technically deliver on projects as well as help to build out their presence in both the Iberian and wider European market.
This is an exciting opportunity for candidates with substantial experience in Digital Forensics and Incident Response that are looking to take the next step up and grow their career.
Reporting up to the practice leadership, you will be part of a team that provides a challenging and exciting work environment that pairs a healthy combination of autonomy and senior level support, with a significant investment in your learning and professional development.
Our international Digital Forensics and Incident Response team specializes in running high-stakes, high-profile investigations and incident response engagements for our global clients which might require analysis of any technology used today: mobile devices, laptops and workstations, servers, networking switches, IoT devices, or cloud-based accounts and infrastructure. This is an exciting opportunity for someone who enjoys performing deep technical work, interacting with clients and contributing to the growth of subject matter expertise and skills in the team.
About the role
As a Senior Consultant, you will be expected to:
- Preserve and analyse data from electronic data sources, including laptop and desktop computers, servers, and mobile devices.
- Investigate network intrusions and other cyber security breaches to determine the cause and extent of the breach, including host based analysis, network and log analysis and malware reverse engineering.
- Lead engagements liaising with client representatives and more junior team members, producing high quality oral and written work product and presenting complex technical matters clearly and concisely.
- Form and articulate expert opinions based on analysis, including supporting of providing expert testimony in depositions, trials, and other proceedings.
- Perform peer review and quality checks on work product from other colleagues.
- Conduct threat hunting activities as required for clients.
- Participate in an array of digital forensics and cyber-crime response efforts as required.
- Support the mentorship and technical development of team members, to ensure appropriate development of skills and continued innovation.
- Research, develop, and recommend hardware, software, methods and protocols, maintaining proficiency with industry standard tools and practices in Incident Response.
The following requirements are expected from potential applicants:
- Proven experience in performing digital forensic investigations and responding to cyber security incidents.
- Proficiency with forensic techniques and the most commonly used DFIR toolsets, such as EnCase, X-Ways, FTK Suite, SIFT, REMnux, IDAPro etc.
- Ability to conduct malware analysis in support of incident response engagements.
- Knowledge of scripting/programming languages to assist in automating some IR processes.
- Knowledge of memory analysis techniques including the use of Volatility, Rekall, and other tools.
- Prior experience/knowledge of penetration testing/hacking techniques. Well-developed analytic, qualitative, and quantitative reasoning skills and demonstrated creative problem solving abilities.
- Strong work ethic and motivation with a demonstrated history of ability to lead a team and develop talent.
- Strong verbal and written communication skills.
- Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness to client matters and needs.
- Ability to work collaboratively across teams and physical locations, and flexibility to travel and work evening and weekend hours when required.
The following items are not required but would be considered a differentiator:
- Degree in Digital Forensics, Information Security, Computer Science, Information Systems, Engineering or other relevant subjects.
- One or more relevant industry certifications relating to Incident Response (SANS, CREST, etc.)
- Fluency in an additional Western European language, other than English. Fluency in another European language would be a big plus