Ankura is a team of excellence founded on innovation and growth.
Practice Overview:
Ankura’s Cybersecurity and Privacy Practice is a full-service suite of solutions to respond to clients’ cybersecurity and privacy needs, regardless of industry or size. Our team includes former Big 4 consultants, intelligence community and law enforcement personnel, federal regulators, private security firms, and technology companies. We are equipped and prepared to provide services across a range of areas that include: Proactive Preparedness, Incident Response, Investigations, Cyber Resilience, Data Privacy, Managed Advisory Services and Managed Data Protection Services.
Role Overview:
As a Senior Director, you will be a key member of the cybersecurity investigations and expert services team: intimately familiar with the practice’s customer support objectives and responsible for performing substantive threat discovery and analysis activities while conveying your results to internal and external customers. The role will support complex cyber investigations and require experience in the identification, collection, preserving, analyzing, and processing of evidence acquired during investigative activities.
Responsibilities:
Serve as a practice subject matter expert in digital media analysis
Advise clients and testify as an expert witness during civil litigation
Acquire forensic images using write blocking technology
Prepare and transfer digital evidence while maintaining chain of custody
Assemble, correlate, and contextualize disparate sources of data to drive investigations and inform clients
Apply expertise, initiative, and innovative solutions to complex cyber and information security issues to include: incident response, investigations, pursuit, and mitigation services
Maintain detailed records (paper/digital) that document and report investigative activities and results
Supervise the practice’s use of complex digital media analysis tools, processes, and procedures
Prepare products for internal and external customers that detail project activity, scope, and findings
Develop and maintain effective working relationships with clients and colleagues
Manage a team of junior colleagues, developing project work plans, and ensuring error-free work product across the team
Ensure the integrity of electronically stored information is admissible in a court of law
Proactively research and recommend technology solutions and process improvements that will ensure continued defensibility
Qualifications:
Bachelor’s Degree in a business or technology-related field
8+ years of experience working in the field of cybersecurity investigations including digital media analysis and computer forensics
Knowledge and experience with cyber threat actor Tactics, Techniques, and Procedures (TTPs), cyber incident response, link analysis correlation tools, host and network analysis principles, expert witness support, and/or other related areas
Working knowledge of digital forensic suites such as FTK, X-Ways, and AXIOM
Experience fusing open source collections with investigative results
Project management and service delivery to clients’ experience
GCFA, EnCE, ACE, or other comparable certifications preferred
Flexibility to travel as required
#LI-NT1
#LI-Remote
*
Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.