Cyber Incident Response Consultant

Thanks to continued growth, we are now seeking a Consultant to join our Cyber Incident Response team in London. As the Consultant, you will be responsible for delivering Control Risks' cyber response projects to our clients. This involves undertaking compromise assessments, business email compromise investigations, and leading the technical response on complex cases. The role reports to the Associate Director of Cyber Response (Technical) and works closely with the Cyber Crisis Management team. The ideal candidate will have an investigative background, technical skills, and a deep understanding of current and emerging threat actors.

Role Tasks and Responsibilities Technical Response

• Lead and assist with host and network-based investigations, collaborating with the Digital Forensics Incident Response (DFIR) team.
• Perform threat hunting using EDR tooling to evaluate attacker movement and prevent further activity.
• Conduct live compromise assessments for organizations suspecting a breach.
• Detect and hunt for unknown malware in memory across systems.
• Assist in commercializing developed technology and automation.
• Understand existing and emerging threat actors and their tools, tactics, and procedures.
• Work with the Cyber Threat Intelligence team to leverage technical information and automation.
• Advise on technical recovery strategies balancing understanding of incidents and rapid recovery.

Client Management

• Ensure tooling and automation are user-friendly and handle client queries effectively.

Reporting

• Provide situation reports and case-related material to clients and management.
• Prepare documentation for review before client submission.
• Support growth of the Cyber Response practice.
• Contribute to the development of response methodologies and adapt to market changes.
• This role requires being on call.
• Identify new growth opportunities.

Essential Requirements

• Experience leading cyber incident investigations.
• Technical degree or equivalent knowledge of networks, software, and hardware.
• Experience in log analysis and digital forensics.
• Proven response experience to cyber-attacks.
• Experience within a Security Operations Centre.
• Fluent in English, both written and spoken.
• Excellent presentation and analytical skills.

Preferred Skills and Qualifications

• Understanding of MITRE ATT&CK techniques and ability to explain TTPs to clients.
• Experience creating SIGMA, SNORT, and YARA rules for detection.

Control Risks offers a competitive compensation and benefits package, including a global bonus scheme and flexible working arrangements. We are committed to equal opportunity employment and encourage applicants from diverse backgrounds to apply.