Senior Consultant – Digital Forensics & Incident Response

Role Overview

The Senior Consultant – DFIR plays a key role in delivering cybersecurity incident response and forensic investigation services. This position involves working closely with cross-functional security teams to manage and investigate security incidents, support threat analysis, and provide actionable insights to clients.

The role requires strong technical expertise, analytical thinking, and the ability to perform effectively in high-pressure incident scenarios.

• Execute technical tasks across cybersecurity and incident response engagements
• Respond to security incidents, including containment, mitigation, and remediation activities
• Conduct detailed forensic investigations and deliver high-quality technical analysis
• Support incident management activities while maintaining professionalism and composure in client-facing situations
• Collaborate with internal security teams to identify, analyze, and document security events and incidents
• Perform intelligence-led investigations to assess threats and vulnerabilities
• Evaluate client security posture and contribute to cyber threat assessments
• Develop clear, structured technical reports and communicate findings effectively to stakeholders
• Assist in improving internal processes, methodologies, and response procedures

• 2–4 years of experience in incident response, security operations, or cybersecurity consulting
• Experience assessing security controls, architectures, and operational environments
• Familiarity with scripting or programming languages such as Bash, PowerShell, Python, Perl, or Ruby; exposure to development frameworks (e.g., .NET) is advantageous
• Hands-on experience with digital forensics tools (e.g., EnCase, FTK) and methodologies
• Knowledge of malware analysis techniques, including static and dynamic analysis and basic reverse engineering
• Ability to create detection rules, signatures, and scripts to support threat detection and analysis
• Experience investigating Windows and Linux systems
• Knowledge of network traffic analysis (e.g., PCAP data) and log analysis
• Strong written and verbal communication skills, including technical reporting and client presentations
• Experience working in or supporting Security Operations Center (SOC) environments
• Familiarity with cloud platforms and environments

• Client-focused mindset with strong stakeholder engagement skills
• Collaborative approach to working within cross-functional teams
• Commitment to continuous learning and professional development
• Strong attention to detail and analytical problem-solving skills
• Ability to perform under pressure and manage multiple priorities effectively
• Professionalism, accountability, and respect in all interactions

• Hybrid work setup with a mix of remote and onsite work
• Exposure to diverse industries and complex cybersecurity challenges
• Opportunity to work alongside specialized security teams and experts