Digital Forensics and Incident Response, Senior Consultant DFIR in London

As an experienced and senior member of the London DFIR team, you will be integral to the wider EMEA practice, and in turn part of a global practice offering and influencing the direction of our forensic investigation and cyber incident response capability. The Discovery & Data Insights is the hub of all technical consulting. As part of the team you will be able to assist and provide consultative solutions for other workstreams such as forensic investigations, eDiscovery and data analytics. Our clients include Law Firms, Fortune 500 multi-nationals, and Government/Law Enforcement across the globe.

As Senior Consultant you will be expected to work closely with teams across regions and to develop positive and constructive relationships with Control Risks' dedicated Cyber Response practice as well as the wider Discovery & Data Insights team. Your behaviour and positive decision making will inspire confidence and maintain integrity in our clients and colleagues. The role will require you to exhibit technical excellence and an acute sensitivity to our clients' needs and expectations. You will leverage your skills and experience in providing innovative solutions and develop agile operating standards. You will promote yourself and the technical consulting services to take them out to market as a recognised subject matter expert.

Day to day, you will be on-call for matters that arise on short notice and there will be a need to deploy and support crises. As the technical lead for engagements, you will provide quality assured, highly responsive forensic incident management. You will ensure delivery of services and work product to meet and exceed our clients' expectations and company standards.

In order to be successful, the candidate will have:

• Proven skills investigating a cyber incident requiring a forensic response.
• A clear understanding of the emerging trends and response capabilities in the forensic cyber industry.
• Demonstrated experience handling client crisis situations effectively.

Tasks and Responsibilities:

• Manage and provide forensic/incident response consultancy and expertise in data collections, investigative/analysis & cyber security services to our clients.
• Support our teams in Cyber, Investigations and Technical Consulting across regions.
• To provide high quality deliverables to our clients in a timely and efficient manner.
• To ensure work is defensible and to an evidential standard as appropriate for tasks.
• To be innovative and creative showing initiative in bringing teams together.
• To anticipate client needs and continually strive for ways to work efficiently.
• To respond to potential enquiries and convert these into sales leads and proposals.
• To actively engage in business development and marketing.
• Must be available for international travel (up to 25% of time).

Knowledge and Experience Essential:

• Extensive professional and technology experience, preferably in cyber risk consulting, forensic investigations, financial crime or compliance setting.
• Proven knowledge and technical computer forensics experience for cyber incident response and investigations.
• Thorough understanding of best practice procedures (NPCC, NIST, SANS etc.) evidence handling, computer systems and tools of the trade.
• Thorough understanding of both the MITRE ATT&CK and Cyber Kill chain framework, network topology and EDR solutions.
• Expert understanding of multiple operating systems, particularly Microsoft and Linux infrastructure and networking systems, both on-premise and in the cloud, as well as dedicated cloud services such as Office 365, Azure, AWS.
• Expertise in PowerShell scripting, Bash scripts, Python, SQL and data wrangling for log analysis.
• Familiarity with forensic software tools such as EnCase, Nuix, Axiom, Blackbag and forensic hardware tools.
• Familiarity with open source tools and leveraging commercial tools for forensic use.
• Established track record for performing forensic collections, involvement in incident response and digital investigations alongside maintaining detailed contemporaneous notes.
• Able to prepare written analyses, summary reports, presentations and other client deliverables for projects and work performed.
• Impeccable written and oral presentation skills to effectively communicate with diverse audiences of varying degrees of expertise.
• Proven experience at managing client expectations and providing relevant solutions through the project lifecycle.
• Demonstrable interpersonal skills and an ability to work effectively in teams.
• Experience in creating project estimates, project plans, proposals and retention agreements.
• Proven ability to manage and develop a team of professionals through empowerment, coaching and motivation.
• Strong interpersonal skills and excellent client facing skills.
• Ability to work well under pressure and meet tight deadlines, while effectively juggling competing demands, prioritising appropriately, and overseeing multiple tasks simultaneously.

Preferred:

• Wide understanding of programming/scripting skills.
• Understanding of the EDRM.

Qualifications and specialist skills:

• Bachelor's degree. Post graduate degree or other qualifications a plus.
• Professional qualifications such as EnCE, GIAC CFA, CISSP etc.

Benefits and Additional:

Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarised in the full job offer. We operate a discretionary global bonus scheme that incentivises, and rewards individuals based on company and individual performance. Control Risks supports hybrid working arrangements, wherever possible, that emphasise the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working. As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.