Cyber Investigation and Forensic Response Manager/Senior Manager

Location: UK

Level: Manager & Senior Manager

Salary: Competitive Salary & Package (Dependent on Experience)

Travel: Expected travel across UK and EMEA

Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years continuous UK address history (typically including no periods of 30 consecutive days or more spent outside of the UK) at the point of application.

As a team: Accenture’s Security is one of the fastest growing areas of the business with significant growth plans through additional recruitment and acquisitions. Our global Cyber Investigation and Forensic Response (CIFR) practice is rapidly expanding in order to uniquely deliver around the clock incident response services to our expanding portfolio of enterprise customers. The sheer variety and scale of work we do and the experience it offers, provides an unbeatable platform to build a career. The team you will join operates across Europe, providing expertise to multi-national clients and thought leadership within our company. You’ll learn, grow and advance in an innovative culture that thrives on shared success, innovative and diverse ways of thinking and enables boundaryless opportunities that can drive your career in new and exciting ways. As part of our global team, you’ll be working with cutting‑edge technologies and will have the opportunity to develop a wide range of new skills.

Accenture CIFR Security professionals:

• Are highly credible with the ability to engage on a broad C-suite agenda.
• Possess the personal and professional attributes necessary to guide senior leadership in the formulation of strategies that produce robust and dynamic security capabilities as well as enterprise resilience capabilities.
• Possess deep industry expertise sufficient to not only understand the nuances of an industry, but also guide client executives in developing suitable strategies with limited capacity in the dynamic theatre of incident response.
• Understand current and future client needs in the context of the security marketplace as well as client industry dynamics and apply insights to recommend both short and long‑term value creation for clients that have the appropriate level of impact.

In this role you will:

• Lead incident response engagements, including coordination of other assigned resources for on‑site and remote investigations.
• Identify and investigate intrusions to determine the cause and extent of the breach.
• Conduct data collection, host and network digital forensics, log analysis, malware analysis and living‑of‑the‑land techniques in support of incident response investigations, including leveraging EDR solutions and threat intelligence.
• Conduct incident response within various Cloud platforms.
• Identify attacker Tactics, Techniques and Procedures (TTPs) to develop indicators of compromise.
• Take a lead role in authoring comprehensively written client reports on investigative findings.
• Effectively communicate and interface with customers, both technically and strategically to customer stakeholders and legal counsel throughout the engagement lifecycle.
• Support Accenture leadership in properly scoping engagements with innovative methodical approaches, based on customer requirements.
• Mentor and train CIFR team members.

What’s In It For You: At Accenture, in addition to a competitive basic salary, you will also have an extensive benefits package which includes up to 30 days vacation per year, private medical insurance and 3 extra days leave per year for charitable work of your choice! Flexibility and mobility are required to deliver this role as there will be requirements to spend time onsite with our clients and partners to enable delivery of the first‑class services, we are known for.

Closing Date for Applications: 31/03/2026. Accenture reserves the right to close the role prior to this date should a suitable applicant be found.

We are looking for experience in the following skills:

• Strong knowledge of incident response, digital forensics and cyber incident investigation processes.
• Strong familiarity with common DFIR toolsets.
• Strong DFIR related knowledge of Microsoft Windows, GNU/Linux and MacOS operating systems.
• Experience of Threat Hunting, on both the endpoint and ideally network.
• The ability to identify attacker Tactics, Techniques and procedures (TTPs) and to develop indicators of compromise.
• How to find and eradicate attackers, improve monitoring and protection capabilities.
• Develop and implement dynamic remediation plans for customers in conjunction with incident response engagements.
• Understanding of enterprise environments and how they work.
• Understanding of common malware types and behaviours and common infection vectors.
• The ability to lead a team of investigators during demanding engagements including client interaction.
• Excellent project management and client facing communication skills.

Set Yourself Apart:

• Experience with Cloud environments.
• Experience with OT and ICs environments.
• Knowledge of scripting and programming languages.
• Experience of reverse engineering and sandboxing technologies.
• Relevant degree in computing/IT.
• Security certifications, for example, but not limited to, GREM, GCFE, GCFA, CEH, GCIH.
• Minimum 5 years of DFIR experience.