Senior Consultant | Cybersecurity - Incident Response in London

FTI Consulting is the leading global expert firm for organizations facing crisis and transformation. We work with many of the world's top multinational corporations, law firms, banks and private equity firms on their most important issues to deliver impact that makes a difference. From resolving disputes, navigating crises, managing risk and optimizing performance, our teams respond rapidly to dynamic and complex situations.

At FTI Consulting, you'll work side‑by‑side with leaders who have shaped history, helping solve the biggest challenges making headlines today. From day one, you'll be an integral part of a focused team where you can make a real impact. You'll be surrounded by an open, collaborative culture that embraces diversity, recognition, professional development and, most importantly, you.

We help clients solve complex cyber security challenges. Our clients include some of the world's biggest brands, who we advise about some of their most sensitive cyber challenges. Discretion and confidentiality are central to how FTI operates.

Our Team Leadership has national security heritage at its core; discretion and judgement are key values for our teams. Our work is varied, often for clients in distress. Our clients value our responsiveness, agility and expert‑driven impact. We look for technical expertise and aptitude, and the personal skills to fit these scenarios.

We operate as one global cybersecurity P&L. Collaboration, both within our team and with other parts of the business (such as Strategic Communications, Technology and Data Science), are central to how we operate. Our engagements typically draw on expertise from across our business and geographies.

After a period of extensive growth, FTI is looking to build out its EMEA cybersecurity practice. We have a phased three-year plan to attract and develop the right talent to be part of this journey. We are the start of this journey, and we are looking for individuals comfortable within a "start-up" environment, within the security of an established corporate setting.

We value talent. We look for aptitude. We recognise the need to attract, retain and develop talent. We value true diversity of opinion and background. We understand the importance of working environments. We believe in providing our people continuous professional development to maintain our expert brand.

What You’ll Do

• Perform a wide range of cybersecurity engagements in a fast‑paced, deadline‑sensitive environment; summarising the results accurately and concisely in written reports for a sophisticated client base consisting of top‑tier law firms, financial institutions and corporations; managing consultants on engagements which involve teams of investigative researchers; and providing oral reports to clients, when appropriate.
• Assist leadership in developing strategies to expand the portfolio of services offered and improve the efficiency and consistency of service delivery.
• Maintain current knowledge of industry trends, threats, methodologies and core technologies in order to assimilate client needs and design appropriate technical solutions.
• Lead assessment of current threat identification techniques and development of new methodologies and frameworks.
• Incident analysis, combining sound analytical skills with advanced knowledge of cybersecurity, digital forensics and incident response.
• Assess client cybersecurity postures against industry standard best practices and frameworks.
• Lead modification and enhancement of proposals.

This role requires travel to clients and FTI offices.

How You’ll Grow

We are committed to investing and supporting you in your professional development and we have developed a range of programs focused on fostering leadership, growth and development opportunities. We aim to promote continuous learning and individual skills development through on‑the‑job learning, self‑guided professional development courses and certifications. You'll be assigned a dedicated coach to mentor, guide and support you through regular coaching sessions and serve as an advocate for your professional growth.

As you progress through your career at FTI Consulting, we offer tailored programs for critical professional milestones to ensure you are prepared and empowered to take on your next role.

What You Will Need to Succeed

• Analytical ability – The applicant should have experience identifying red flags, validating sources, and making judgment calls about the completeness and accuracy of open‑source information.
• The applicant will be responsible for developing investigative plans and strategies for engagements and producing creative solutions to challenging research problems.
• Strategic planning and resourcefulness.

Basic Qualifications

• Bachelor's degree or equivalent experience.
• Experience conducting digital forensics or incident response or a similar role.
• Specialised experience in cyber incident response and cyber incident management.
• An understanding of frameworks and standards, such as PCI, HIPAA, GDPR, CCPA, NERC CIP, ISO, NIST, etc.
• Experience conducting cyber framework assessments or the ability to learn.
• Technical hands‑on experience with capturing and analysing forensic images from different systems including Windows, Linux, OSX and Smartphones.
• Experience using tools such as Volatility, FTK Imager, Cellbrite, WireShark, EnCase, Axiom, Splunk, ELK etc.
• Experience documenting the technical details gathered from Forensics analysis into Incident Reports for wider consumption.
• Experience using EDR tools such as SentinelOne, Carbon Black etc.
• Knowledge of Chain of Custody procedures.
• Understanding of data loss / data theft prevention concepts and technologies.
• Threat modeling fundamentals.

Preferred Qualifications

• Certifications related to DFIR, i.e., GCFE, GCFA, GREM, GNFA, or a willingness to obtain them.
• Experience in online learning such as HackTheBox Blue Team labs etc.
• Scripting skills in Python, Bash and PowerShell is a plus.

FTI Consulting is an equal opportunity employer and does not discriminate on the basis of race, color, national origin, ancestry, citizenship status, protected veteran status, religion, physical or mental disability, marital status, sex, sexual orientation, gender identity or expression, age, or any other basis protected by law, ordinance, or regulation.