Associate Director Digital Forensics and Incident Response

We now have an exciting opportunity for an Associate Director to join our Digital Forensics and Incident Response (DFIR) team in London. As the senior member of the EMEA DFIR team with deep digital forensic experience, you will be integral to the wider EMEA practice, and in turn part of a global practice offering and influencing the direction of our forensic technology and digital forensics incident response capability. The Discovery and Data Insights department is the hub of all technical consulting and you will provide digital forensics and incident response solutions for matters which involve cyber response investigations, digital forensic investigations, eDiscovery and data analytics. Our clients include law firms and Fortune 500 multi-nationals across the globe.

Day to day, you will be executing and managing matters that arise on short notice and there will be a need to deploy the team and support crises. As the technical lead for engagements, you will provide direction to empower the team and provide quality assured, highly responsive forensic incident management. A significant portion of the role will require you to engage across the business to leverage technology consulting into all business development and go-to-market strategy. You will be responsible for increasing the technical team’s visibility and capability in performing business development and supporting marketing initiatives, from thought leaders, white papers, technical demonstrations and collaborative meetings with our colleagues with clients. This role will play a key part in ensuring our ongoing growth and success across the region.

Responsibilities

• Manage and provide forensic incident response consultancy and expertise in scoping data estates, data collections, investigative analysis to our clients
• Support our teams in our adjacent divisions, notably Digital Risks, Investigations and Technology Consulting across regions
• To provide high quality deliverables to our clients in a timely and efficient manner
• To ensure work is defensible and to an evidential standard as appropriate for tasks
• To be innovative and creative showing initiative in bringing teams together
• To anticipate client needs and continually strive for ways to work efficiently
• To respond to potential enquiries and convert these into opportunities/sales leads and proposals
• To actively engage and lead in business development and marketing for all of Discovery and Data Insights and across services (particularly Cyber and Investigations/Forensic Accounting)

• Willingness and flexibility to travel internationally

• Extensive professional and technology experience, preferably in digital forensics in a cyber context, forensic investigations, financial crime or compliance setting.
• Proven knowledge and technical computer forensics experience for cyber incident response and investigations. Thorough understanding of best practice procedures (MITRE ATT&CK framework, NPCC, NIST, SANS etc.) evidence handling, computer systems and tools of the trade
• Expert understanding of multiple operating systems, particularly Microsoft and Linux infrastructure and networking systems, both on-premise and in the cloud, as well as dedicated cloud services such as Microsoft 365/Azure, Google Workspace, AWS etc.
• Expertise in PowerShell scripting, Bash scripts, Python, SQL and data wrangling for log analysis
• Expertise with the industry standard forensic software tools such as X-Ways, EnCase, Nuix, Axiom, Cellebrite and forensic hardware tools.
• Expertise with open-source tools (such as Velociraptor) and leveraging commercial tools (such as X-Ways, EnCase and Nuix) for forensic use.
• Established track record for performing forensic collections, involvement in incident response and digital investigations alongside maintaining detailed contemporaneous notes
• Able to prepare written analyses, summary reports, presentations and other client deliverables for projects and work performed.
• Impeccable written and oral presentation skills to effectively communicate with diverse audiences of varying degrees of expertise.
• Proven experience at managing client expectations and providing relevant solutions through the project lifecycle.
• Identify relevant extensible opportunities such as post-breach/post remediation services.
• Demonstrable interpersonal skills and an ability to work effectively in teams
• Experience in creating project estimates, project plans, proposals and retention agreements.
• Proven ability to manage and develop a team of professionals through empowerment, coaching and motivation.
• Ability to work well under pressure and meet tight deadlines, while effectively juggling competing demands, prioritising appropriately, and overseeing multiple tasks simultaneously.

Preferred

• Wide understanding of programming/scripting skills

• Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarised in the full job offer.
• We operate a discretionary global bonus scheme that incentivises, and rewards individuals based on company and individual performance.
• Control Risks supports hybrid working arrangements, wherever possible, that emphasise the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.
• As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.