Digital Forensics Lead
At West Monroe, our people are our business.
We pride ourselves on bringing a different mindset to consulting—and that takes a different approach: highly collaborative, flexible, and tenacious.
Our people-first, highly collaborative culture is core to our identity. It’s something we care about, and something we strive to enrich and preserve. No hierarchies. No siloes. No egos. Just smart ideas, and the drive to make an impact for our clients.
Every day our clients rely on us to help them tackle their greatest challenges, by strategically deploying technology through a business-focused and industry-specific lens. We bring together both the right knowledge and the right approach, so that they can capitalize on opportunities and deliver real results. That takes the right team. And that’s where you come in.
Ready for the next step on your career journey?
We’re looking for a Manager-level consultant to join an elite team and help resolve complex client breaches during and after Incident Response & Recovery engagements. In today’s digitally connected, global community, cyberattacks like data breaches and network intrusions can often handcuff even the most sophisticated enterprises – many of which rely on West Monroe to help them navigate through the crisis. Cyber digital forensics consultants on our IR&R team investigate these types of attacks, uncover critical information, and utilize their findings to engineer a real-time fix.
As a Digital Forensics Manager, you will be tasked with forensic imaging & analysis, ransomware/malware remediation, and creating investigative summaries. Working with an Incident Commander, you will interface with various groups during client breach projects: West Monroe resources & consulting practices, external parties (law firms, law enforcement, insurance brokers & underwriters, media/PR), and client resources (C-Suite, Legal and GRC Departments, Physical Security, Cybersecurity, Auditing, Operations, IT, Call Centers, Marketing, Investor Relations, Communications).
Responsibilities:
- Collaborate with Incident Commanders, IR, and Infrastructure Recovery consultants to plan, coordinate, and execute remediation during client security incidents (e.g., ransomware events) – post breach
- Identify, contain, eradicate, and recover client information assets from risks caused by the breach
- Apply forensic methodology and analysis to a variety of file systems (e.g., FAT, NTFS, HFS, ext2, ext3) to retrieve data
- Drive digital forensic examinations/investigations through the entire lifecycle (case planning, intake, acquisition, examination, presentation, and disposition)
- Conduct investigative analyses of infected hardware devices, software, and mobile applications to create investigative summaries and generate extraction reports for client/executive presentation(s)
- Spearhead reactive and proactive threat hunting engagements by performing endpoint, network, and log analysis
- Review and recommend technical, process, and physical controls to mitigate damage from breach presence
- Assist in the deployment of cybersecurity & infrastructure solutions to counteract future unethical hacking
- Mentor and enable junior consultants to develop additional forensic, response, and threat hunting capabilities
- Translate business and technical requirements into concrete project proposals, including detailed work plans and cost estimates, to assist in sales efforts and develop client relationships, as well as new opportunities
- Promote thought leadership in emerging forensic and investigation technologies by developing partnerships, leveraging go-to-market offerings, speaking at events, representing us at tech conferences, writing blog posts, etc.
Qualifications:
- 6-11+ years of experience within cybersecurity and a strong working knowledge of digital forensics concepts
- 2-4 years of experience in technology or mgmt. consulting – strongly preferred at Senior Consultant+ level
- Professional-level certs – CISSP, CFCE, CAWFE, GCFA/GIAC, EnCE, CCFP, CHFI, CEH, OSCP – strongly preferred at Sr Consultant+ level
- BS/BA degree in IT, MIS, Computer Science, or related field preferred, not required
- Experience with contemporary DF investigation tools – Carbon Black, EnCase Endpoint Investigator, F-Response, FTK, Exabeam, etc.
- Well-versed in incident response engagements, preferably at the enterprise level: technical recovery, IT forensic investigation, legal or compliance notifications, IR plan development, tabletop testing, etc.
- Strong understanding of application, database, authentication, and network security principles
- Excellent organizational, verbal, presentation/facilitation, and written communication skills
- Ability to convey complex technical security concepts to both technical and non-technical audiences during crisis situations (e.g., executive or board level presentations)
- Willingness to travel for out-of-town client engagements up to 80%
Ready to get started? Join our team and make an impact.