Senior Consultant, Cyber Response

The Senior Consultant is responsible for delivering Incident Response support to our clients by helping them investigate and remediate the impacts of cyber attacks quickly and comprehensively. This role will report to the Associate Director of Cyber Response and work closely with the Cyber Crisis Management team. The successful candidate will have a strong technical skill set and a deep understanding of current and emerging threat actors.

Role tasks and responsibilities

Incident response

• Overseeing cloud, host and network based investigations.
• Ownership of the lifecycle of a cyber incident including identification, containment, eradication and recovery.
• Define and execute investigative strategies to meet our clients needs including guiding more junior members of the team to help implement this strategy.
• Lead technical scoping engagement, triage priorities, and recovery strategy for affected systems.
• Perform log analysis from a variety of sources (e.g., individual host logs, network traffic logs) to identify threats.
• Undertake evidence acquisition on a variety of assets and lead the investigation, identify the root cause / overall impact caused by the threat.
• Advise our clients on how to eradicate the threats and rebuild securely utilizing the findings from your investigation.
• Threat hunting using endpoint tooling and findings from your investigation to evaluate an attacker's spread through a system and network, anticipating and thwarting further attacker activity.
• Perform live compromise assessments for organizations who suspect a compromise.
• Detect and hunt unknown live, dormant, and custom malware in memory across multiple systems in an enterprise environment.
• Demonstrate a deep understanding of both existing and emerging threat actors, as well as experience identifying rapidly changing tools, tactics and procedures of attackers.
• Advise on the safe technical recovery of an organizations IT systems balancing the need to understand what has happened but speed up recovery.
• This role has a requirement to be on call.

Client Management

• To support with client relationship management facilitating where appropriate introduction and provision of additional technical Control Risks services.
• Working closely with Cyber Response Management to ensure a cohesive go-to-market approach.
• Ensure tooling and automation developed is customer friendly to deploy and use. Be responsible for any customer queries that arise from the use of the technology and automation.

Reporting

• Provide situation reports and other significant case related material to the client and the Director of Cyber Response.
• Provide documentation to the relevant consultants in sufficient time to allow review and feedback, before submitting to a client.
• Report on the performance of the Technical Cyber Response work and forecast technical and resource requirements in the near and long term.
• Ensure the output of tooling and automation is easily readable and presentable both during cases in situation reports but also within formal end of case reports.

Supporting the growth of the Cyber Response practice

• Supporting the development of an ever-improving global technology stack to more rapidly and effectively respond to client incidents.
• Refining Control Risks’ cyber response methodologies and approaches and tailoring the approach in changing market conditions.
• Identifying potential new areas of growth and opportunity.

• Candidates must be legally authorized to work in the US on a permanent basis without sponsorship.
• Candidates must possess unrestricted US work authorization.
• Technical degree or demonstrated knowledge of common networks, software and hardware used in business environments
• Experience in conducting log analysis and digital forensics following a cyber incident
• Proven experience in responding to cyberattacks and information security related advisory
• Proven experience working with technologies including: Windows systems, networking, and virtualization technologies
• Demonstrable experience of operating within a commercial environment
• Track record of developing consultative relationships with clients
• Fluent in English (written and spoken)
• Excellent presentation skills
• Excellent analytical skills
• This role has a requirement to be on call.
• Preferred: Strong understanding of MITRE ATT&CK techniques / sub-techniques and the ability to articulate TTPs to clients in non-technical terms.
• Preferred: Fluency in a second language.
• Preferred: Qualifications or certifications such as: CREST Registered Intrusion Analyst (CRIA), Certified Network Intrusion Analyst (CCNIA), Certified Host Intrusion Analyst (CCHIA), SANS Advanced Incident Response, Threat Hunting, and Digital Forensics (FOR508) or Enterprise-Class Incident Response & Threat Hunting (FOR608), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and full membership of ISACA.

The base salary range for this position is $115,000-$125,000 per year. Exact compensation offered may vary depending on job-related knowledge, skills, and experience.

Control Risks is committed to a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. If you require any reasonable adjustments to be made in order to participate fully in the interview process, please let us know and we will be happy to accommodate your needs.

Control Risks participates in the E-Verify program to confirm employment authorization of all newly hired employees. The E-Verify process is completed during new hire onboarding and completion of the Form I-9, Employment Eligibility Verification, at the start of employment. E-Verify is not used as a tool to pre-screen candidates. For more information on E-Verify, please visit www.uscis.gov.

• Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer.
• Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.
• Medical Benefits, Prescription Benefits, FSA, Dental Benefits, Vision Benefits, Life and AD&D, Voluntary Life and AD&D, Disability Benefits, Voluntary Benefits, 401 (K) Retirement, Nationwide Pet Insurance, Employee Assistance Program.
• As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.