Negotiable
Undetermined
Remote
Reading, England, United Kingdom
Summary: The role of Senior Digital Forensic and Incident Response Consultant involves operating as a key investigator within the Threat Research Advisory Center, focusing on live incident response and forensic analysis. The consultant will manage a variable case load, deliver proactive and reactive DFIR services, and provide strategic leadership during cyber crises. This position requires collaboration with a team of experts and client management, emphasizing integrity in analysis and quality in deliverables. The role may involve travel and 24/7 activity due to the nature of incident response work.
Key Responsibilities:
- Conduct live incident response and computer forensic analysis.
- Lead complex digital forensic investigations and determine attack vectors and data exfiltration.
- Maintain forensic integrity and produce court-admissible reports.
- Conduct Incident Response Capability Assessments and deliver strategic improvement roadmaps.
- Develop comprehensive Incident Response Plans based on industry standards.
- Serve as a strategic advisor on cyber risk and resilience strategy.
- Facilitate breach simulation exercises and produce post-exercise reports with recommendations.
Key Skills:
- Bachelor's degree or relevant work experience.
- Experience in incident response, computer forensics, and related methodologies.
- Proficiency in at least two operating systems: Windows, Linux, Unix, macOS.
- Experience in consulting customers in DFIR capacity.
- Ability to manage customer relationships and IT investigative cases.
- Fluency in English, both written and verbal.
- Willingness to travel on short notice.
- Valid driver's license.
- Fluency in additional European languages is a plus.
- Advanced degree in relevant fields is preferred.
- Experience in security assessments and ethical hacking.
- Understanding of information security and forensic tools.
- Professional certifications in relevant fields are advantageous.
Salary (Rate): undetermined
City: Reading
Country: United Kingdom
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Tangent International are looking for a Senior Digital Forensic and Incident Response Consultant to work a 12-month extendable contract based in Reading or London (remote, with a requirement for occasional travel).
Role Description:
You will be operating as a Senior Digital Forensic Incident Response (IR) Investigator within the Threat Research Advisory Center (VTRAC). As a DFIR specialist you'll be expected to serve as a tactical arm of the team, conducting live incident response, computer forensic analysis, data recovery, and other IT investigative work. Due to the inherent volatility of investigative response work, you will be expected to discharge the various responsibilities assigned to your role while successfully managing a variable case load. The role may require 24/7 activity and travel to customer sites in the UK or overseas at short notice. In this role, you will be responsible for integrity in analysis, quality in client deliverables, as well as gathering case-load intelligence. The position will operate in a close team of computer forensics, fraud examiners, and other IT investigative experts, as well as customer management, counsel, human resources, and other IT technical personnel.

As a client-facing expert within the VTRAC team, you will be delivering proactive and reactive Digital Forensics and Incident Response (DFIR) services. This role is responsible for architecting cyber resilience for clients through strategic planning and assessment, pressure-testing defenses via advanced breach simulations, and providing decisive leadership as an Incident Commander during major cyber crises. VTRAC provides an unparalleled, intelligence-driven approach to helping organizations prepare, respond, and recover from the most sophisticated cyber threats. This is an opportunity to work on the most challenging and impactful cases alongside the best in the business.
Core Deliverables & Responsibilities:
This is a senior, hands-on consulting role focused on delivering specific, high-value outcomes for enterprise clients. In this role your responsibilities are:
- Reactive Forensic Investigations & Expert Analysis:
  - Assist customers in responding rapidly and effectively to computer-related incidents, consistently exceeding expectations while working in a customer-facing setting.
  - Lead complex, large-scale digital forensic investigations in sophisticated security breaches, determining initial attack vectors, scope of compromise, and data exfiltration.
  - Act as the lead technical subject matter expert in at least two of the following domains: host-based forensics (Windows, Linux, macOS), network forensics and full packet capture analysis, memory forensics, mobile device forensics (iOS/Android), or cloud forensics.
  - Maintain forensic integrity of evidence and produce comprehensive, court-admissible reports and deliverables for clients, legal counsel, and regulatory bodies.
- Proactive Resilience Engagements:
  - Conduct formal Incident Response Capability Assessments (IRCA), benchmarking client programs against maturity models to identify critical gaps in people, process, and technology and delivering strategic improvement roadmaps.
  - Lead and deliver Incident Response Plan Development (IRPD) engagements, creating comprehensive, actionable IR plans for clients based on NIST, SANS, and other industry-standard frameworks.
  - Serve as a trusted strategic advisor to client leadership (including C-suite and Board level) on matters of cyber risk, incident preparedness, and resilience strategy.
  - Design, develop, and facilitate a range of sophisticated breach simulation exercises, from executive-level, discussion-based tabletop exercises to immersive, technical simulations.
  - Create realistic, tailored threat scenarios (e.g. multi-stage ransomware, insider threat, nation-state espionage) that effectively test a client's decision-making, communication, and technical response functions under pressure.
  - Produce detailed post-exercise reports with actionable recommendations to drive continuous improvement in client security posture.
You'll need to have:
- Bachelor's degree or relevant work experience.
- Experience in the tools, techniques, and methodologies surrounding incident response, computer forensics, industrial control systems, IoT, and eDiscovery.
- Experience in at least two (2) of the following operating systems: Windows, Linux, Unix, macOS.
- Experience in consulting customers in a DFIR capacity.
- Experience managing the day-to-day aspects of protected customer relationships, as well as IT investigative cases and corporate security incidents.
- The ability to work in a dynamic environment while maintaining confidentiality and a professional image and approach with customers is critical.
- Willingness to travel on short notice.
- Fluency in English both written and verbal.
- Valid driver's license.
Even better if you have one or more of the following:
- Fluency in additional European languages (e.g., French, German, Dutch, etc.)
- Advanced degree in Computer Science, Digital Forensics, or Cyber Incident Response.
- Experience conducting security assessments, penetration testing, and ethical hacking.
- Experience in evidentiary procedures, volatile criminal/civil situations, fraud analysis and IR fundamentals.
- Understanding of information security; network architecture; general database concepts; document management; hardware and software troubleshooting; email systems, such as Microsoft Exchange, Office365, GSuite; Microsoft Office applications; and computer forensic tools such as EnCase and FTK, Velociraptor, and EDR, NDR or XDR solutions, i.e. CrowdStrike, Defender, SentinelOne, Darktrace, etc.
- Experience regarding malware analysis and reverse engineering, network forensics, memory forensics and mobile forensics.
- Experience in electronic crimes law enforcement, military intelligence, or with a security professional services organization.
- Experience in a security professional services consulting firm.
- One or more of the following professional certifications: GCFA, GCFE, GCIH, GNFA, CCSP, GREM, CISSP, CISM or equivalent, or ability to successfully achieve one within the first 6 months of employment.
- Experience as a Payment Card Industry (PCI) Forensic Investigator (PFI) or Qualified Security Assessor (QSA)