DFIR Consultant
5 months ago
DFIR Consultant
Digital Forensics & Incident Response
United Kingdom
Role Purpose
To Support and service NCC Group clients within the Digital Forensics and Incident Response space
The DFIR Consultant plays a vital role within the team of seasoned analysts, actively participating in the analysis, and response to security incidents and events. With a focus on continuous learning and collaboration the Seniors are adaptable to most events in challenging and dynamic situations. Through the application of foundational technical skills and a strong dedication to detail-oriented analysis the Senior DFIR Consultant plays a key role supporting clients.
Key Accountabilities
- Collaborating with peers and completion of assigned projects
- Maintaining high standards of delivery
- Ability to analyze and interpret situations efficiently
- Ability to consult in high pressure situations
- Supporting Sales when required
Functional and technical skills
Minimum Requirements
Strong technical knowledge, including the ability to conduct analysis in support of cyber incident response activities (to include an understanding of network analysis, host investigation including forensics, malware analysis).
Experience using industry standard software and tooling for the capture and analysis of data, including experience of EDR software.
Experience evaluating client security controls, architecture, and operations.
Experience crafting scripts and tools to further enhance incident investigative efforts.
Experience triaging Windows and Linux hosts.
Experience with Network Traffic Analysis.
Experience with Log Data Analysis
Proven ability to explain technical output to a non-technical audience, including at a senior level.
Ability to lead small to medium sized projects as a lead and take responsibility for analysis and reporting.
Strong interpersonal and communication skills, including report-writing and presentation skills.
A relevant professional certification such as CREST CPIA/CRIA/CCNIA/CCHIA or SANS GCFA/GNFA/GCIH
Good understanding of common enterprise technologies and configuration, including could platforms such as Azure, AWS and GCP.
Behaviors
- Client-Focused: Prioritises client needs and expectations, ensuring that all actions and decisions lead to client satisfaction.
- Collaborates as ‘One NCC’: Works in unison with all departments and teams, fostering a united front and shared objectives across the entire organization.
- Adds Value: Goes beyond the minimum requirements to provide solutions and contributions that support the customer’s recovery.
About NCC Group
We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment – in our people, our business and we want to invite talented people to join us in our vision to be the leading cyber security advisor.
The NCC Group family has 2,500 members located around the world providing a trusted advisory service to 15,000 customers. Our heart is in our space.
About your application
We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.
If you do not want us to retain your details please email cv@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage
Please note that this role has background clearance as mandatory due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.