DFIR Senior Analyst in City of London

Ankura is a team of excellence founded on innovation and growth. This position supports the Data & Technology practice - one of six practices focused on client delivery services across the Firm.

Practice Overview

Ankura’s Cyber Security and Privacy Practice is a full-service suite of Cyber Security and Privacy solutions, regardless of industry or size. Our global team of over 100 professionals includes former federal law enforcement personnel, in-house security experts, Big 4 consultants, federal regulators, threat intel and dark web experts. We have helped clients and partners for 10+ years across industries and geographies with the following services:

• Incident Response, Intelligence, and Investigations.
• End Point & Managed Detection & Response.
• Technology, Privacy, and Cyber Risk Advisory.

The EMEA Cyber Security & Privacy practice is growing and has ambitions to expand its capabilities from a strong base in incident response, intelligence and investigations into additional proactive security, AI security and managed detection & response services.

Role: We are seeking a Manager level candidate with Incident Response and project management experience gained in professional services.

Responsibilities:

• Respond to cyber incidents reported by clients.
• Manage cyber incident responses and incident response teams.
• Lead cyber investigations.
• Understanding of incident analysis workflow and tools.
• Quality control reviews of team members deliverables and work processes.
• Perform project management and engagement risk management activities.
• Support financial management of individual projects and cyber incident response team.
• Manage time, tasks and resources to meet internal and external deadlines.
• Lead client communications, both written and oral, throughout the lifecycle of the project.

Requirements:

• Degree in Computer Science or Cyber Security, or related equivalent.
• Experience at Manager level within management consulting and the Incident Response field is essential.
• Able to communicate effectively and concisely with high level management and C-suite clients on a frequent basis.
• Adept in setting up new engagements to support clients in responding to incidents.
• Capable of managing both short term and long-term projects.
• Understanding of engagement risk.
• Exposure to responding to incidents including Ransomware, ATP attacks, BEC, Cloud etc a plus.
• Experience of managing teams and performance management of individuals.
• Ability to identify opportunities within existing and potential clients.
• Experience working with non-Windows systems (such as Linux, Unix, Mac).
• Scripting/programming experience (specifically Python, C#, VBA, or Powershell).
• Experience working in a consultancy environment.
• Exposure to AI technologies, techniques and approaches within the DFIR domain.
• Strong desire to work in a team in a collaborative environment to achieve common goals.
• Exceptional organisational skills.
• Passion for Cyber Incident Response, and a desire for continuous improvement in expertise.
• Ability to correlate events from multiple sources to create a timeline analysis across end points of an incident.
• Understanding of how to leverage existing security applications and appliances to address a compromise or malware/ransomware outbreak.
• Experience working with Enterprise networks.
• Understanding of mitigation and clean-up strategies.
• Proficient in log analysis of multiple types.
• Ability to analyse complex network packet captures.
• Understanding of memory, how to capture, data available and analysis skills.
• Understanding of how to take malware apart from a virtual machine, dynamic malware analysis, and reverse engineering perspective.
• Ability to travel (including occasional international travel) at short notice.
• Available to be on-call 1 in 4 weekends each month.

Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability.

Have the opportunity to get involved in challenging client projects with both Proactive and Reactive work. We can support and develop individuals who aspire to be an expert. Vast opportunities for career development, with a formal development process, training programmes and the internal e-learning training platform, Ankura Academy. Work with a collaborative environment, whereby our professionals have the freedom to innovate which promotes curiosity, learning and communication.