The Cyber Incident Response & Digital Forensics Consultant is responsible for the investigation and analysis of cyber incidents. Their primary role is in the triage, containment, and eradication of threats within an environment, ensuring as they do that evidential collection and integrity is maintained by all persons involved throughout the course of the incident.

The Cyber Incident Response & Digital Forensics Consultant is expected to act as a subject matter expert to clients by providing root cause analysis and clearly communicating facts about an incident in an empathetic manner at an appropriate technical level for the audience.

What I do is:

Incident Response

• Investigate cyber security incidents and threats.
• Understand and track malware and threat actor movements and behaviour on individual devices and across networks.
• Interact with stakeholders and leadership teams as part of the response and remediation efforts.
• Improve the detection, escalation, containment, and resolution of incidents.
• Enhance existing incident response methods, tools, and processes.
• Maintain knowledge of technologies and the threat landscape.
• Assist during non-core business hours during an emergency, critical, or large-scale incident.
• Analyse collected artifacts in order to determine timelines and process and threat actor actions.
• Work with the Threat Intelligence team to integrate findings on to our Threat Intelligence database.

Investigation Analysis and Consultation

• Understand the organizations, and our customers missions, values, operations, goals, risks, and risk tolerance.
• Maintains situational awareness for cyber threats across the organization and drive the appropriate or commensurate response activities, where necessary.
• Understand and connects threats to the risks of the organization to provide appropriate capabilities and services
• Provides consultative advice and coaching to cybersecurity customers to help them make informed risk management decisions

Customer Engagement

• Present and communicate findings, recommendations, and status updates of active investigations.
• Assists teams (internally and externally) in various security and privacy risk mitigation.
• Provide Incident Response Readiness Assessments of client’s Incident Response Plans and Playbooks
• Provide Executive/Board level training in Cyber Security and Incident Response
• Facilitate Cyber Incident Exercising with clients

The skills and attributes we need you to have are:

• Technical Expertise
• Customer Centricity
• Thinking Clearly Under Pressure
• Analytical Skills / Problem-solving
• Focussed on Detail
• Great Communication Skills
• Curious and innovative
• Great team player

I know I have done a great job if:

• I have brought client cyber security incidents to a timely resolution
• Clients express their satisfaction following post-incident reporting and debrief
• I have worked to ensure nonrepudiation of findings or investigative methods
• I’ve created publications of client anonymised use cases
• I have worked closely with my colleagues to improve our current methodologies
• Positive Incident Response Readiness Assessment engagements

You will get an excellent salary, with world class benefits (private health, unlimited holidays, flexible working). As leading-edge technology company you will have access to the latest technology, and an environment that will encourage and nurture your curiosity. We are passionate about your development, and you will be empowered to advance your skills and expertise.