West Monroe isn’t a start-up consulting firm, but we act like one.
From day one, our people can make a definitive personal impact for their clients and their careers. What does this mean? It means we seek out the best of the best and then we challenge them to make us better. 

If you are looking to be a “behind the scenes” technologist, this isn’t the place for you. We celebrate driven professionals who thrive in a collaborative environment. Our consultants work on front lines, partnering with clients to deliver innovative solutions in the most dynamic, complex industries. Sound interesting? Then West Monroe just might be the place for you.

Think you’re up to the challenge?
We’re looking for a senior-level consultant to join an elite team and help them resolve complex client breaches during and after Incident Response & Recovery engagements. In today’s digitally interconnected, global community, cyberattacks like data breaches and network intrusions can often handcuff even the most sophisticated enterprises – many of which rely on West Monroe to help them navigate through the crisis. Cyber digital forensics consultants on our IR&R team investigate these types of attacks, uncover critical information, and utilize their findings to engineer a real-time fix.

As a Sr Digital Forensics Consultant, you will be tasked with forensic imaging & analysis, ransomware/malware remediation, and creating investigative summaries. With the guidance of an Incident Commander, you will interface with various groups during client breach projects: West Monroe resources & consulting practices, external parties (law firms, law enforcement, insurance brokers & underwriters, media/PR), and client resources (C-Suite, Legal and GRC Departments, Physical Security, Cybersecurity, Auditing, Operations, IT, Call Centers, Marketing, Investor Relations, Communications).

Responsibilities: 

• Collaborate with WMP Incident Commanders, Incident Response Consultants, and Infrastructure Recovery Engineers to plan, coordinate, and execute remediation during client security incidents (I.e. ransomware events) – post breach. 
• Identify, contain, eradicate, and recover client information assets from risks caused by the breach. 
• Apply forensic methodology and analysis to a variety of file systems (I.e. FAT, NTFS, HFS, ext2, ext3) to retrieve data.
• Drive digital forensic examinations/investigations through the entire lifecycle (case planning, intake, acquisition, examination, presentation, and disposition).
• Conduct investigative analyses of infected hardware devices, software, and mobile applications to create investigative summaries and generate extraction reports for client/executive presentation(s). 
• Spearhead reactive and proactive threat hunting engagements by performing endpoint, network, and log analysis.
• Review and recommend technical, processes, and physical controls to mitigate damage from breach presence.
• Assist in the deployment of cybersecurity & infrastructure solutions to counteract future unethical hacking.
• Mentor and enable junior consultants to develop additional forensic, response, and threat hunting capabilities.
• Translate business and technical requirements into concrete projects proposals, including detailed work plans and cost estimates, to assist in sales efforts and develop client relationships, as well as new opportunities.
• Promote thought leadership in emerging forensic and investigation technologies by developing partnerships, leveraging go-to-market offerings, speaking at events, representing us at tech conferences, writing blog posts, etc. 

Qualifications: 

• 2-7+ years of experience within cybersecurity and a strong working knowledge of digital forensics concepts. 
• 1-2 years of experience in technology or mgmt. consulting – strongly preferred at Sr Consultant+ level.
• Professional-level certs – CISSP, CFCE, CAWFE, GCFA/GIAC, EnCE, CCFP CHFI, CEH, OSCP – strongly preferred at Sr Consultant+ level.
• BS/BA degree in IT, MIS, Computer Science, Business, Math, or another related field.
• Experience with contemporary DF investigation tools – Carbon Black, EnCase Endpoint Investigator, F-Response, FTK, Exabeam, etc. 
• Well-versed in incident response engagements, preferably at the enterprise level: technical recovery, IT forensic investigation, legal or compliance notifications, IR plan development, tabletop testing, etc.
• Strong understanding of application, database, authentication, and network security principles.
• Basic advisory experience in compliance or regulatory frameworks (I.e. HIPAA, PCI, NIST).
• Excellent organizational, verbal, presentation/facilitation, and written communication skills.
• Ability to convey complex technical security concepts to both technical and non-technical audiences during crisis situations (I.e. executive or board level presentations).
• Willingness to travel for out of town client engagements – up to 80% domestic travel.

If you’re seeking an opportunity to flex your technical muscles in a high-energy, team-oriented environment where you own your career, we’d love to hear from you. Join our team, become a WMP owner, and make us better!