Cyber Security Consultant

Job Title: Senior Consultant, Digital Forensics & Incident Response

Location: UK - London or Reading (Ocassional Travel)

Role Overview

We are seeking an experienced Digital Forensics and Incident Response (DFIR) Consultant to join our cybersecurity team. The ideal candidate will be highly skilled in forensic investigations, incident response, and resilience engagements, with a proven track record of working directly with clients in high-pressure environments. This role requires both technical expertise and strong client-facing consulting skills, with the ability to lead investigations, advise executives, and design strategies to strengthen cyber resilience.

Key Responsibilities

Reactive Forensic Investigations & Expert Analysis

• Lead complex, large-scale digital forensic investigations in sophisticated security breaches, identifying initial attack vectors, scope of compromise, and potential data exfiltration.

• Assist customers in responding rapidly and effectively to cyber incidents, consistently exceeding expectations in customer-facing engagements.

• Act as a lead technical subject matter expert in at least two of the following domains:

  • Host-based forensics (Windows, Linux, macOS)

  • Network forensics and full packet capture analysis

  • Memory forensics

  • Mobile device forensics (iOS/Android)

  • Cloud forensics

• Preserve forensic integrity of evidence and produce comprehensive, court-admissible reports and deliverables for clients, legal counsel, and regulators.

Proactive Resilience Engagements

• Conduct Incident Response Capability Assessments (IRCA) to benchmark client programs against maturity models, identifying gaps across people, processes, and technology.

• Lead the development of Incident Response Plans (IRPD) based on NIST, SANS, and other industry-standard frameworks.

• Serve as a trusted advisor to client leadership, including C-suite and Board members, on cyber risk, incident preparedness, and resilience strategies.

• Design, develop, and facilitate advanced breach simulation exercises, including executive-level tabletop sessions and immersive technical simulations.

• Create realistic threat scenarios (e.g., multi-stage ransomware, insider threats, nation-state attacks) to test client readiness under pressure.

• Deliver post-exercise reports with actionable recommendations to continuously improve client security posture.

Requirements

• Education/Experience: Bachelor’s degree in a related field or equivalent professional experience.

• Technical Expertise: Proficiency with incident response, computer forensics, eDiscovery, and related tools and methodologies; exposure to ICS/SCADA and IoT environments is advantageous.

• Operating Systems: Hands-on experience with at least two of the following: Windows, Linux, Unix, MacOS.

• Client Engagement: Demonstrated experience in consulting customers in a DFIR capacity and managing client relationships during investigations and security incidents.

• Soft Skills: Ability to operate effectively in dynamic environments while maintaining confidentiality, professionalism, and composure.

• Other Requirements:

  • Willingness to travel at short notice.

  • Fluency in written and spoken English.

  • Valid driver’s license.