Cyber Investigation and Forensic Response Manager or Senior Manager

About Accenture's Cyber Investigation and Forensic Response Team

Accenture's Security is a rapidly expanding area within the business, driven by significant growth through recruitment and acquisitions. Our global Cyber Investigation and Forensic Response (CIFR) practice is uniquely positioned to deliver round-the-clock incident response services to an expanding portfolio of enterprise customers. This role offers an unbeatable platform to build a career, with a vast variety and scale of work. The team operates across Europe, providing expertise to multi-national clients and thought leadership within Accenture.

You will learn, grow, and advance in an innovative culture that thrives on shared success, diverse thinking, and boundaryless opportunities, propelling your career in new and exciting ways. If you seek a challenging career in a vibrant environment with access to training and a global network of experts, this role is ideal. As part of our global team, you will engage with cutting-edge technologies and develop a wide range of new skills.

Accenture CIFR Security professionals are:

• Highly credible, capable of engaging on a broad C-suite agenda.
• Possess the personal and professional attributes needed to guide senior leadership in formulating strategies for robust, dynamic security capabilities and enterprise resilience.
• Equipped with deep industry expertise to understand industry nuances and guide client executives in developing suitable strategies for the dynamic incident response theatre.
• Knowledgeable about current and future client needs within the security marketplace and client industry dynamics, applying insights to recommend short and long-term value creation for clients.

Key Responsibilities of a Cyber Investigation and Forensic Response Manager or Senior Manager

In this role, you will:

• Lead incident response engagements, coordinating assigned resources for on-site and remote investigations.
• Identify and investigate intrusions to determine the cause and extent of breaches.
• Conduct data collection, host and network digital forensics, log analysis, malware analysis, and living-off-the-land techniques for incident response, leveraging EDR solutions and threat intelligence.
• Perform incident response within various Cloud platforms.
• Identify attacker Tactics, Techniques and Procedures (TTPs) to develop indicators of compromise.
• Take a lead role in authoring comprehensive written client reports on investigative findings.
• Effectively communicate and interface with customers, both technically and strategically, to customer stakeholders and legal counsel throughout the engagement lifecycle.
• Support Accenture leadership in properly scoping engagements with innovative methodical approaches based on customer requirements.
• Mentor and train CIFR team members.

What Accenture Offers

At Accenture, in addition to a competitive basic salary, you will receive an extensive benefits package including up to 30 days vacation per year, private medical insurance, and 3 extra days leave per year for charitable work. Flexibility and mobility are required, involving time spent on-site with clients and partners to deliver first-class services.

Required Skills and Experience

We are looking for experience in the following:

• Strong knowledge of incident response, digital forensics, and cyber incident investigation processes.
• Strong familiarity with common DFIR toolsets.
• Strong DFIR related knowledge of Microsoft Windows, GNU/Linux, and MacOS operating systems.
• Experience with Threat Hunting, both on the endpoint and ideally network.
• The ability to identify attacker Tactics, Techniques and Procedures (TTPs) and develop indicators of compromise.
• Proficiency in finding and eradicating attackers, and improving monitoring and protection capabilities.
• Ability to develop and implement dynamic remediation plans for customers during incident response engagements.
• Understanding of enterprise environments and how they work.
• Understanding of common malware types and behaviours and common infection vectors.
• The ability to lead a team of investigators during demanding engagements, including client interaction.
• Excellent project management and client-facing communication skills.

Set Yourself Apart

Valuable additional experience includes:

• Experience with Cloud environments.
• Experience with OT and ICS environments.
• Knowledge of scripting and programming languages.
• Experience with reverse engineering and sandboxing technologies.
• Relevant degree in computing/IT.
• Security certifications such as GREM, GCFE, GCFA, CEH, GCIH.
• Minimum 5 years of DFIR experience.

Key skills/competency

• Incident Response
• Digital Forensics
• Cyber Investigation
• Threat Hunting
• Malware Analysis
• Log Analysis
• Cloud Security
• Endpoint Detection & Response (EDR)
• Client Communication
• Team Leadership