Director, Cybersecurity & Data Privacy practice (Digital Forensics & Incident Response)

Ankura is a team of excellence founded on innovation and growth.

This position supports the Data & Technology practice - one of seven practices focused on client delivery services across the Firm

We are seeking a Manager level candidate with Digital Forensics, Incident Response, Threat Intelligence, and project management experience gained in professional services.

Practice Overview

Ankura’s Cybersecurity and Privacy Practice is a full-service suite of cybersecurity and privacy solutions, regardless of industry or size.  Our global team of over 100 professionals includes former federal law enforcement personnel, in-house security experts, Big 4 consultants, federal regulators, threat intel and dark web experts, etc. We have helped clients and partners for 10+ years across industries and geographies with the following services:

• Incident Response, Intelligence, and Investigations.

• End Point & Managed Detection & Response.

• Technology, Privacy, and Cyber Risk Advisory.

The EMEA Cybersecurity & Privacy practice is growing and has ambitions to expand its capabilities from a strong base in incident response, intelligence and investigations into additional proactive security and managed detection & response services.

We are seeking a strong technical manager who can take the lead in handling, investigating and guiding other team members in responding to complex cyber-attacks such as global ransomware, data leakage, hacking attacks, business email compromise and crypto-currency thefts.

Why Join Ankura

• We can support and develop individuals who aspire to be an expert.

• Vast opportunities for career development, with a formal development process, training programmes and the internal e-learning training platform, Ankura Academy.

• Work with a collaborative environment, whereby our professionals have the freedom to innovate which promotes curiosity, learning and communication.

Responsibilities:

• Respond to cyber incidents reported by clients

• Manage cyber incident responses and incident response teams

• Lead cyber investigations

• Assist with carrying out Threat Intelligence on the Open and Dark web.

• Understanding of incident analysis workflow and tools

• Quality control reviews of team members deliverables and work processes

• Perform project management and engagement risk management activities

• Support financial management of individual projects and cyber incident response team

• Manage time, tasks and resources to meet internal and external deadlines.

• Lead client communications, both written and oral, throughout the lifecycle of the project.

Requirements:

• Degree in Computer Science or Cyber Security, or related equivalent.

• Experience at Manager level within management consulting and the Incident Response space is essential

• A good understanding of toolsets used in DFIR to assist in the investigation and ability to leverage Threat Intelligence as well as Security Events to facilitate the investigation is expected.

• Strong effective communication, report writing and presentation skills are also important.

• Able to communicate effectively and concisely with high level management and C-suite clients on a frequent basis

• Adept in setting up new engagements to support clients in responding to incidents

• Capable of managing both short term and long-term projects

• Understanding of engagement risk

• Experience of managing teams and performance management of individuals

• Ability to identify opportunities within existing and potential clients

• Experience working with non-Windows systems (such as Linux, Unix, Mac) is a plus

• Scripting/programming experience (specifically Python, C#, VBA, or Powershell)

• Experience working in a consultancy environment

• Strong desire to work in a team in a collaborative environment to achieve common goals

• Exceptional organisational skills

• Passion for Cyber Incident Response, and a desire for continuous improvement in expertise

• Ability to correlate events from multiple sources to create a timeline analysis across end points of an incident

• Understanding of how to leverage existing security applications and appliances to address a compromise or malware/ransomware outbreak

• Experience working with Enterprise networks

• Understanding of mitigation and clean-up strategies

• Proficient in log analysis of multiple types

• Ability to analyse complex network packet captures

• Understanding of memory, how to capture, data available and analysis skills

• Understanding of how to take malware apart from a virtual machine, dynamic malware analysis, and reverse engineering perspective

• Ability to travel (including occasional international travel) at short notice.

• Available to be on-call 1 in 4 weekends each month

Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.