London, UK
13 days ago
Director, Cybersecurity & Data Privacy practice (Digital Forensics & Incident Response)

Ankura is a team of excellence founded on innovation and growth.

This position supports the Data & Technology practice - one of seven practices focused on client delivery services across the Firm

We are seeking a Manager level candidate with Digital Forensics, Incident Response, Threat Intelligence, and project management experience gained in professional services.

Practice Overview

Ankura’s Cybersecurity and Privacy Practice is a full-service suite of cybersecurity and privacy solutions, regardless of industry or size.  Our global team of over 100 professionals includes former federal law enforcement personnel, in-house security experts, Big 4 consultants, federal regulators, threat intel and dark web experts, etc. We have helped clients and partners for 10+ years across industries and geographies with the following services:

Incident Response, Intelligence, and Investigations.

End Point & Managed Detection & Response.

Technology, Privacy, and Cyber Risk Advisory.

The EMEA Cybersecurity & Privacy practice is growing and has ambitions to expand its capabilities from a strong base in incident response, intelligence and investigations into additional proactive security and managed detection & response services.

We are seeking a strong technical manager who can take the lead in handling, investigating and guiding other team members in responding to complex cyber-attacks such as global ransomware, data leakage, hacking attacks, business email compromise and crypto-currency thefts.

Why Join Ankura

We can support and develop individuals who aspire to be an expert.

Vast opportunities for career development, with a formal development process, training programmes and the internal e-learning training platform, Ankura Academy.

Work with a collaborative environment, whereby our professionals have the freedom to innovate which promotes curiosity, learning and communication.

Responsibilities:

Respond to cyber incidents reported by clients

Manage cyber incident responses and incident response teams

Lead cyber investigations

Assist with carrying out Threat Intelligence on the Open and Dark web.

Understanding of incident analysis workflow and tools

Quality control reviews of team members deliverables and work processes

Perform project management and engagement risk management activities

Support financial management of individual projects and cyber incident response team

Manage time, tasks and resources to meet internal and external deadlines.

Lead client communications, both written and oral, throughout the lifecycle of the project.

Requirements:

Degree in Computer Science or Cyber Security, or related equivalent.

Experience at Manager level within management consulting and the Incident Response space is essential

A good understanding of toolsets used in DFIR to assist in the investigation and ability to leverage Threat Intelligence as well as Security Events to facilitate the investigation is expected.

Strong effective communication, report writing and presentation skills are also important.

Able to communicate effectively and concisely with high level management and C-suite clients on a frequent basis

Adept in setting up new engagements to support clients in responding to incidents

Capable of managing both short term and long-term projects

Understanding of engagement risk

Experience of managing teams and performance management of individuals

Ability to identify opportunities within existing and potential clients

Experience working with non-Windows systems (such as Linux, Unix, Mac) is a plus

Scripting/programming experience (specifically Python, C#, VBA, or Powershell)

Experience working in a consultancy environment

Strong desire to work in a team in a collaborative environment to achieve common goals

Exceptional organisational skills

Passion for Cyber Incident Response, and a desire for continuous improvement in expertise

Ability to correlate events from multiple sources to create a timeline analysis across end points of an incident

Understanding of how to leverage existing security applications and appliances to address a compromise or malware/ransomware outbreak

Experience working with Enterprise networks

Understanding of mitigation and clean-up strategies

Proficient in log analysis of multiple types

Ability to analyse complex network packet captures

Understanding of memory, how to capture, data available and analysis skills

Understanding of how to take malware apart from a virtual machine, dynamic malware analysis, and reverse engineering perspective

Ability to travel (including occasional international travel) at short notice.

Available to be on-call 1 in 4 weekends each month

Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.

Confirm your E-mail: Send Email