This position is Hybrid flexible working options.
Please note, you will need to be eligible for SC clearance
NTT DATA is one of the world's largest global security service providers, partnering with some of the most recognized security technology brands. We're looking for passionate, curious, and motivated individuals to join our team.
Using your advanced expertise in digital forensics, incident response, and cyber threat investigation, you will lead complex DFIR engagements, conduct advanced forensic analysis across diverse platforms, and provide authoritative guidance during major security incidents. You will work independently on sophisticated investigations, coordinate multi-disciplinary incident response activities, and deliver expert testimony and forensic reporting while mentoring junior investigators and analysts.
What you'll be doing:Lead complex digital forensic investigations and major incident response engagements. Conduct advanced forensic analysis, coordinate multi-disciplinary IR activities, provide expert testimony, and mentor junior investigators.
KEY RESPONSIBILITIES
\tForensic Investigations & Incident Response \tLead complex forensic investigations across Windows, Linux, macOS, mobile, and cloud platforms \tConduct advanced disk, memory, network, and malware forensic analysis \tLead major IR engagements for sophisticated cyber-attacks and data breaches \tCoordinate multi-team IR activities across technical, legal, and business stakeholders \tPerform threat hunting, containment, eradication, and recovery activities \tReconstruct attack chains, lateral movement, and APT activities Malware Analysis & Cloud Forensics \tConduct static/dynamic malware analysis and reverse engineering \tLead forensic investigations in AWS, Azure, and GCP environments \tAnalyze cloud logs, API calls, and container/Kubernetes incidents \tDevelop IOCs and detection signatures \tExpert Witness & Legal Support \tProvide expert witness testimony in legal proceedings \tPrepare forensic reports meeting legal and evidentiary standards \tWork with legal teams on e-discovery and regulatory response \tMaintain chain of custody and forensic integrity \tThreat Intelligence \tAnalyze threat actor TTPs using MITRE ATT&CK framework \tConduct threat attribution analysis and identify APT campaigns What experience you'll bring:Experience: 6+ years in digital forensics/incident response | 3+ years leading complex investigations and major IR engagements | APT or nation-state incident experience
Technical Expertise
\tForensics: EnCase, FTK, X-Ways, Autopsy, Volatility, Wireshark \tMalware: IDA Pro, Ghidra, Cuckoo Sandbox, REMnux \tMobile: Cellebrite, Magnet AXIOM \tEDR: CrowdStrike, Carbon Black, Microsoft Defender, SentinelOne \tSIEM: Splunk, ELK Stack, Azure Sentinel \tIR Tools: Velociraptor, KAPE, GRR Rapid Response \tCloud: AWS CloudTrail, Azure Monitor, GCP Cloud Logging \tDeep Knowledge: Windows internals, file systems (NTFS, ext4, APFS), malware techniques, cloud forensicsMandatory Certification: GCFA or GCFE
Preferred: GREM, CHFI, GCIH, ECIH, or EnCE
KEY COMPETENCIES
Senior-level communication with executives, legal teams, and regulators | Crisis management during high-pressure incidents | Independent problem-solving | Mentoring junior analysts
Who we are:
We’re a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA
what we'll offer you:We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: https://uk.nttdata.com/
We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.