
Senior Associate, Cyber Security Incident Response

30+ days ago 2025/06/21
Other Business Support Services

Job Description

Ankura is a team of excellence founded on innovation and growth.


Primary Responsibility:


  • Work on client engagements and communicate with client stakeholders
  • Monitor, detect, and report any threats directed against the clients’ networks and systems and identify indicators of compromise
  • Ability to quickly and accurately triage security events and incidents to stop immediate threats using knowledge of cyber-attacks and data analysis skills.
  • Develop playbooks and processes for incident management and response
  • Plan for business continuity and disaster recovery in event of security incident
  • Perform tests, exercises, and drills of all response plans
  • Ability to forensically acquire and preserve electronic data stored on end user machines, servers, cloud, etc., on site or remotely.
  • Ability to conduct in-depth investigation & research, including forensic analysis, deleted data recovery, and carving, by gathering data and information from a variety of sources.
  • Ability to analyse data, prepare reports and present findings coherently.
  • Coordinating research & development on new threats, monitoring the dark web and working closely with team members.
  • Review and assess inbound emergency escalations, make immediate decisions based on variety of complex factors and coordinate with and advise internal and external parties / clients on securing the IT infrastructure

Required Skillsets & Qualifications:


  • Minimum 5 to 6 years of hands-on experience in Digital Forensics and Incident Response.
  • Proficiency with advanced digital forensic tools (such as Magnet Axiom, Cellebrite, BlackLight) and Incident Response platforms (such as Splunk, QRadar, or similar).
  • Experience in investigating cyber breaches e.g. Business Email Compromise (BEC), malware, ransomware, etc.
  • Experience in analysing logs for DLP, Incident investigation, MFT, Prefetch etc.
  • Experience with cloud platforms (AWS, Azure, GCP) and understanding of cloud security frameworks.
  • Strong understanding of network protocols, encryption technologies, and endpoint security solutions.
  • Understanding of operating systems, e.g., Windows, Mac, Linux, iOS, and Android
  • Ability to synthesize large volumes of information.
  • Flexible team player, with strong interpersonal skills.
  • Ability to multitask on various projects.
  • Bachelor's or Master's degree in Information Technology, Cyber Security, Digital Forensics, or a related field.
  • Scripting will be a plus point to the team - Python, C, Bash, Shell, etc.
  • Preferred Certifications: GCFA/GCFE/GNFA/EnCE, CCFP, GCFA, GCIH
  • Self-starter requiring minimal direction
  • Excellent communication skills, with experience adapting communication style to suit different stakeholders like cross-functional teams, India and overseas
  • Project Management, Operations or Process Improvement Experience
  • Excellent problem-solving skills and the ability to work under pressure.



Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters. If you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.


