Digital Forensics Incident Response (DFIR) Consultant | VMGroup
- Dublin, County Dublin, Ireland
- 2025-04-16 16:58:35 +0000 UTC
Job Summary: As a Digital Forensics and Incident Response (DFIR) Consultant you play a key role in conducting forensic investigations, responding to cyber security incidents, and supporting clients with expert analysis and reporting. This role requires strong technical expertise, problem-solving skills, and the ability to communicate findings effectively to both technical and non-technical stakeholders.

Key Responsibilities:

Incident Response & Cyber Investigations
- Respond to and investigate cyber security incidents, including ransomware, business email compromise (BEC), and data breaches.
- Analyse system logs, network traffic, and endpoint data to determine the root cause and impact of security incidents.
- Develop remediation strategies and assist clients in containment, eradication, and recovery.
- Work with legal, compliance, and law enforcement teams where necessary.

Digital Forensics
- Conduct forensic analysis on digital devices, including computers, mobile phones, and cloud environments.
- Perform evidence acquisition, preservation, and analysis following best practices (e.g., ISO 27037).
- Utilise forensic tools such as FTK, Cellebrite, Axiom and Amped Authenticate.
- Produce high-quality forensic reports and expert witness statements for legal proceedings when required.
- Testify at court proceedings when necessary.

Threat Hunting & Intelligence
- Proactively search for indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) within client environments.
- Leverage threat intelligence sources to enhance investigations and mitigation efforts.
- Provide recommendations to improve clients’ security postures based on forensic findings.

Consultancy & Advisory
- Support clients with forensic readiness assessments and incident response planning.
- Assist in developing and implementing DFIR policies, procedures, and playbooks.
- Deliver training sessions and tabletop exercises for clients on incident response and forensic best practices.

Business Development & Continuous Improvement
- Support scoping and proposal writing for forensic and incident response engagements.
- Keep up to date with emerging threats, forensic techniques, and new forensic tools.
- Contribute to thought leadership through blogs, presentations, or industry events.

Qualifications & Experience:
- Educational Background: Bachelor's degree in Computer Science, Digital Forensics, Cybersecurity, Information Technology, or a related field.
- Professional Certifications: Must have relevant certifications; GCFA or GCFE or CFCE or CCE. Other certifications such as CHFI, CISSP, CISM, CREST CRIA etc. will be an advantage.
- Experience: 3-5 years’ experience in digital forensics, incident response, or cybersecurity investigations, including practical knowledge of forensic tools and methodologies.
- Technical Skills: Hands-on experience with forensic tools (e.g., FTK, Cellebrite, Axiom, Tableau). Experience in cloud forensics (AWS, Azure, Google Cloud), SIEM, EDR, and threat intelligence tools (e.g., Splunk, CrowdStrike, SentinelOne). Strong knowledge of operating systems, networks, and cloud environments.
- Communication: Excellent written and verbal communication skills, with the ability to convey complex technical concepts to non-technical stakeholders.
- Project Management: Demonstrated experience in managing Incident Response and Digital Forensic Investigations, scoping work, and delivering on time and within budget.

Key Attributes:
- Analytical Thinking: Ability to think critically and break down complex problems logically with a strong attention to detail when analysing digital evidence.
- Self-Motivated: Proactive in staying current with industry developments and self-learning.
- Decision-Making: Capable of making informed decisions quickly and confidently in high-pressure situations.
- Client-Focused: Dedicated to understanding client needs and providing exceptional service.

Additional Information:
- Travel Requirements: Some travel may be required to meet with clients or attend industry events.
- Work Environment: A mix of remote and on-site work. Will be required to attend the office during the probationary period.

What we offer:
- Competitive salary based on experience.
- Flexible work arrangements (Hybrid/Remote).
- Opportunities for professional development and certifications.
- A supportive team culture in a growing consultancy firm.
- Exposure to diverse, high-profile eDiscovery and forensic cases.