Associate Director - DFIR

Social network you want to login/join with:

Off the back of a long standing relationship with this client, an exciting role has been released. We are looking for a Digital Forensics and Incident Response (DFIR) Consultant with a sharp focus on Incident Response to join our growing cyber team.

In this critical role, you\’ll be on the front lines of major cyber incidents—investigating breaches, containing threats, and helping clients recover with speed and resilience.

What You’ll Do:

• Lead and support complex cyber incident investigations involving ransomware, APTs, insider threats, and business email compromise.
• Conduct forensic acquisition and analysis of endpoint, server, and cloud environments.
• Provide real-time incident triage and containment recommendations.
• Collaborate with clients to implement incident response plans and improve cyber resilience.
• Draft clear and concise investigation reports, including timelines, impact assessments, and recommendations.
• Interface directly with clients, often during times of crisis, with professionalism and clarity.

What You Bring:

• Proven experience in incident response, digital forensics, or cybersecurity consulting.
• Deep knowledge of Windows/Linux forensics, memory analysis, and log analysis (e.g., Sysmon, NetFlow, EDR data).
• Familiarity with SIEM tools, EDR platforms, and scripting (Python/PowerShell preferred).
• Strong understanding of MITRE ATT&CK, threat actor TTPs, and IR frameworks (NIST, SANS).
• Excellent communication skills – written and verbal – with the ability to translate complex technical findings into business impact.
• Industry certifications a plus: GCFA, GCIH, CISM, OSCP, EnCE, or similar.

#J-18808-Ljbffr