Cyber Security Analyst

Senior Digital Forensic and Incident Response Consultant

Location: UK (Remote with some travel to client sites)

Contract duration: 12 months (inside IR35)

About the Company : Verizon is committed to providing an unparalleled, intelligence-driven approach to helping organizations prepare, respond, and recover from the most sophisticated cyber threats.

About the Role : You will be operating as a Senior Digital Forensic Incident Response (IR) Investigator within the Verizon Threat Research Advisory Center (VTRAC). As a DFIR specialist you’ll be expected to serve as a tactical arm of the team, conducting live incident response, computer forensic analysis, data recovery, and other IT investigative work.

Responsibilities :

• Reactive Forensic Investigations & Expert Analysis: Ability to assist customers in responding rapidly and effectively to computer-related incidents and should consistently exceed expectations while working in a customer-facing setting.
• Lead complex, large-scale digital forensic investigations in sophisticated security breaches, determining initial attack vectors, scope of compromise, and data exfiltration.
• Act as the lead technical subject matter expert in at least two of the following domains: host-based forensics (Windows, Linux, macOS), network forensics and full packet capture analysis, memory forensics, mobile device forensics (iOS/Android), or Cloud Forensics.
• Maintain forensic integrity of evidence and produce comprehensive, court-admissible reports and deliverables for clients, legal counsel, and regulatory bodies.
• Proactive Resilience Engagements: Conduct formal Incident Response Capability Assessments (IRCA), benchmarking client programs against maturity models to identify critical gaps in people, process, and technology and delivering strategic improvement roadmaps.
• Lead and deliver Incident Response Plan Development (IRPD) engagements, creating comprehensive, actionable IR plans for clients based on NIST, SANS, and other industry-standard frameworks.
• Serve as a trusted strategic advisor to client leadership (including C-suite and Board level) on matters of cyber risk, incident preparedness, and resilience strategy.
• Design, develop, and facilitate a range of sophisticated breach simulation exercises, from executive-level, discussion-based tabletop exercises to immersive, technical simulations.
• Create realistic, tailored threat scenarios (e.g. multi-stage ransomware, insider threat, nation-state espionage) that effectively test a client's decision-making, communication, and technical response functions under pressure.
• Produce detailed post-exercise reports with actionable recommendations to drive continuous improvement in client security posture.

Qualifications :

• Bachelor's degree or relevant work experience.
• Experience in the tools, techniques, and methodologies surrounding incident response, computer forensics, industrial control systems, IoT, and eDiscovery.
• Experience in at least two (2) of the following operating systems: Windows, Linux, Unix, MacOS.
• Experience consulting customers in DFIR capacity.
• Experience managing the day-to-day aspects of protected customer relationships, as well as IT investigative cases and corporate security incidents.
• Ability to work in a dynamic environment, while maintaining confidentiality, and a professional image and approach with customers is critical.
• Willingness to travel on short notice.
• Fluency in English both written and verbal.
• Valid driver's license.

Required Skills :

• Fluency in additional European languages (e.g., French, German, Dutch, etc.)
• Advanced degree in Computer Science, Digital Forensics, or Cyber Incident Response.
• Experience conducting security assessments, penetration testing, and ethical hacking.
• Experience in evidentiary procedures, volatile criminal/civil situations, fraud analysis and IR fundamentals.
• Understanding of information security; network architecture; general database concepts; document management; hardware and software troubleshooting; email systems, such as Microsoft Exchange, Office365, GSuite; Microsoft Office applications; and computer forensic tools such as EnCase and FTK, Velociraptor, EDR, NDR or XDR solutions -ie. CrowdStrike, Defender, SentinelOne, Darktrace, etc.
• Experience regarding malware analysis and reverse engineering, network forensics, memory forensics and mobile forensics.
• Experience in electronic crimes law enforcement, military intelligence, or with a security professional services organization.
• Experience in a security professional services consulting firm.
• One or more of the following professional certifications: GCFA, GCFE, GCIH, GNFA, CCSP, GREM, CISSP, CISM or equivalent, or ability to successfully achieve one within the first 6 months of employment.
• Experience as a Payment Card Industry (PCI) Forensic Investigator (PFI) or Qualified Security Assessor (QSA).