Ankura is a team of excellence founded on innovation and growth.
This position supports the Data & Technology practice - one of seven practices focused on client delivery services across the Firm
We are seeking a Manager level candidate with Digital Forensics, Incident Response, Threat Intelligence, and project management experience gained in professional services.
Practice Overview
Ankura’s Cybersecurity and Privacy Practice is a full-service suite of cybersecurity and privacy solutions, regardless of industry or size. Our global team of over 100 professionals includes former federal law enforcement personnel, in-house security experts, Big 4 consultants, federal regulators, threat intel and dark web experts, etc. We have helped clients and partners for 10+ years across industries and geographies with the following services:
Incident Response, Intelligence, and Investigations.
End Point & Managed Detection & Response.
Technology, Privacy, and Cyber Risk Advisory.
The EMEA Cybersecurity & Privacy practice is growing and has ambitions to expand its capabilities from a strong base in incident response, intelligence and investigations into additional proactive security and managed detection & response services.
We are seeking a strong technical manager who can take the lead in handling, investigating and guiding other team members in responding to complex cyber-attacks such as global ransomware, data leakage, hacking attacks, business email compromise and crypto-currency thefts.
Why Join Ankura
We can support and develop individuals who aspire to be an expert.
Vast opportunities for career development, with a formal development process, training programmes and the internal e-learning training platform, Ankura Academy.
Work with a collaborative environment, whereby our professionals have the freedom to innovate which promotes curiosity, learning and communication.
Responsibilities:
Respond to cyber incidents reported by clients
Manage cyber incident responses and incident response teams
Lead cyber investigations
Assist with carrying out Threat Intelligence on the Open and Dark web.
Understanding of incident analysis workflow and tools
Quality control reviews of team members deliverables and work processes
Perform project management and engagement risk management activities
Support financial management of individual projects and cyber incident response team
Manage time, tasks and resources to meet internal and external deadlines.
Lead client communications, both written and oral, throughout the lifecycle of the project.
Requirements:
Degree in Computer Science or Cyber Security, or related equivalent.
Experience at Manager level within management consulting and the Incident Response space is essential
A good understanding of toolsets used in DFIR to assist in the investigation and ability to leverage Threat Intelligence as well as Security Events to facilitate the investigation is expected.
Strong effective communication, report writing and presentation skills are also important.
Able to communicate effectively and concisely with high level management and C-suite clients on a frequent basis
Adept in setting up new engagements to support clients in responding to incidents
Capable of managing both short term and long-term projects
Understanding of engagement risk
Experience of managing teams and performance management of individuals
Ability to identify opportunities within existing and potential clients
Experience working with non-Windows systems (such as Linux, Unix, Mac) is a plus
Scripting/programming experience (specifically Python, C#, VBA, or Powershell)
Experience working in a consultancy environment
Strong desire to work in a team in a collaborative environment to achieve common goals
Exceptional organisational skills
Passion for Cyber Incident Response, and a desire for continuous improvement in expertise
Ability to correlate events from multiple sources to create a timeline analysis across end points of an incident
Understanding of how to leverage existing security applications and appliances to address a compromise or malware/ransomware outbreak
Experience working with Enterprise networks
Understanding of mitigation and clean-up strategies
Proficient in log analysis of multiple types
Ability to analyse complex network packet captures
Understanding of memory, how to capture, data available and analysis skills
Understanding of how to take malware apart from a virtual machine, dynamic malware analysis, and reverse engineering perspective
Ability to travel (including occasional international travel) at short notice.
Available to be on-call 1 in 4 weekends each month
Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.