DFIR Consultant

Role: DFIR Consultant

Location: Taguig City, Metro Manila

Schedule: Dayshift

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.

We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.

We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference, and we want you to join in our mission, to make the world safer and more secure.

Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business…

https://www.nccgroup.com/uk/

The Opportunity:

As a consultant, you will collaborate with various individuals and divisions within our business including the Cyber Incident Response Team, Threat Intelligence teams, Security Operations Centre teams, and our esteemed Red Team. 

Key Accountabilities:

• Execution of technical tasks within our engagements.
• Responding to emergency incidents, including mitigation and remediation activities.
• Maintaining composure and effectiveness in client Incident Management scenarios.
• Providing clients with high-quality technical investigations.
• Collaborating in the identification, resolution, and documentation of security incidents.
• Conducting intelligence-driven investigative analysis.
• The ability to discuss wider technology and security posture with a client ultimately to perform Cyber Threat assessments.
• Strong documentation and written communication skills with technical report writing experience.

Requirements:

• 2 to 4 years of experience in incident response, security operations or strategic security consulting 
• Experience evaluating client security controls, architecture, and operations.  
• Familiarity with coding, scripting languages (BASH, Powershell, Python, PERL, RUBY etc.) or software development frameworks (.NET).
• Experience supporting a SOC program in incident response tools and techniques, specifically with forensics tools such as EnCase, Forensic Toolkit, etc.
• Experience with static and dynamic malware analysis, including reverse engineering of binaries.
• Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts.
• Experience triaging Windows and Linux hosts.
• Experience with Network Traffic Analysis (PCAP data).
• Experience with Log Data Analysis.
• Ability to produce high-quality written and verbal reports, presentations, recommendations, and findings to clients.
• Ability to evaluate/enhance processes and procedures.
• Experience with Cloud environments.

Behaviours:

• Focusing on Clients and Customers
• Working as One NCC
• Always Learning
• Being Inclusive and Respectful
• Delivering Brilliantly

About NCC Group

The NCC Group family has over 2,200 members located all around the world, providing a trusted advisory service to 15,000 customers. Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates.

We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.

Our values and code of ethics are at the heart of how we operate – we work together, we are brilliantly creative, and we embrace difference. We treat everyone and everything with equal respect.

We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.

About your application

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email [email protected]. All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.