Ankura is a team of excellence founded on innovation and growth.
This position supports the Data & Technology practice, one of seven practices focused on client delivery services across the Firm.
We are seeking a Manager level candidate with Digital Forensics, Incident Response, Threat Intelligence, and project management experience gained in professional services.
Practice Overview
Ankura's Cybersecurity and Privacy Practice is a full-service suite of cybersecurity and privacy solutions, regardless of industry or size. Our global team of over 100 professionals includes former federal law enforcement personnel, in-house security experts, Big 4 consultants, federal regulators, threat intel and dark web experts, etc. We have helped clients and partners for 10+ years across industries and geographies with the following services:
- Incident Response, Intelligence, and Investigations.
- End Point & Managed Detection & Response.
- Technology, Privacy, and Cyber Risk Advisory.
We are seeking a strong technical manager who can take the lead in handling, investigating and guiding other team members in responding to complex cyber-attacks such as global ransomware, data leakage, hacking attacks, business email compromise and crypto-currency thefts.
Why Join Ankura
- We can support and develop individuals who aspire to be an expert.
- Vast opportunities for career development, with a formal development process, training programmes and the internal e-learning training platform, Ankura Academy.
- Work in a collaborative environment where our professionals have the freedom to innovate, which promotes curiosity, learning and communication.
- Respond to cyber incidents reported by clients
- Manage cyber incident responses and incident response teams
- Lead cyber investigations
- Assist with carrying out Threat Intelligence on the Open and Dark web.
- Understanding of incident analysis workflow and tools
- Quality control reviews of team members' deliverables and work processes
- Perform project management and engagement risk management activities
- Support financial management of individual projects and cyber incident response team
- Manage time, tasks and resources to meet internal and external deadlines.
- Lead client communications, both written and oral, throughout the lifecycle of the project.
- Degree in Computer Science or Cyber Security, or related equivalent.
- Experience at Manager level within management consulting and the Incident Response space is essential
- A good understanding of toolsets used in DFIR to assist in the investigation and ability to leverage Threat Intelligence as well as Security Events to facilitate the investigation is expected.
- Strong effective communication, report writing and presentation skills are also important.
- Able to communicate effectively and concisely with high-level management and C-suite clients on a frequent basis
- Adept in setting up new engagements to support clients in responding to incidents
- Capable of managing both short-term and long-term projects
- Understanding of engagement risk
- Experience of managing teams and performance management of individuals
- Ability to identify opportunities within existing and potential clients
- Experience working with non-Windows systems (such as Linux, Unix, Mac) is a plus
- Scripting/programming experience (specifically Python, C#, VBA, or PowerShell)
- Experience working in a consultancy environment
- Strong desire to work in a team in a collaborative environment to achieve common goals
- Exceptional organisational skills
- Passion for Cyber Incident Response, and a desire for continuous improvement in expertise
- Ability to correlate events from multiple sources to create a timeline analysis across end points of an incident
- Understanding of how to leverage existing security applications and appliances to address a compromise or malware/ransomware outbreak
- Experience working with Enterprise networks
- Understanding of mitigation and clean-up strategies
- Proficient in log analysis of multiple types
- Ability to analyse complex network packet captures
- Understanding of memory: how to capture it, what data is available, and how to analyse it
- Understanding of how to take malware apart from virtual machine, dynamic malware analysis, and reverse engineering perspectives
- Ability to travel (including occasional international travel) at short notice.
- Available to be on-call 1 in 4 weekends each month