Job Description

Ankura is a team of excellence founded on innovation and growth.

This role is situated in the Cyber, eDiscovery, and Digital Forensics teams within Ankura's Data & Technology division, which is dedicated to providing client services as one of the firm's seven key practices.

Ankura ranks among the top five fastest-growing consulting firms globally, with over 2,000 employees across more than 36 offices, serving both private and public sectors with a diverse array of services.

In 2023, Ankura expanded into Saudi Arabia, opening an office in Riyadh where we are now inviting Directors (Manager level) to join our team on a hybrid working basis. We are looking for confident, self-motivated individuals who can independently navigate a broad range of tasks, contributing to the growth of our Middle East team.

The Cybersecurity and Privacy Practice is a fast-expanding segment of Ankura's Data and Technology offerings, helping clients tackle pressing information security issues, from incident response to risk assessment and mitigation.

The Digital Forensics and Incident Response (DFIR) team delivers comprehensive services to clients facing cyber threats, focusing on immediate containment and in-depth analysis to understand and prevent attacks. Ankura's eDiscovery team leverages cutting-edge technology to handle vast amounts of unstructured data. Utilizing sophisticated tools, they convert emails, documents, and other content into a searchable format, enhancing the ability of investigation teams to swiftly pinpoint key information in various cases.

Role Overview In addition to closely collaborating with the project team to gain a deep understanding of client objectives and challenges, you will take on a team lead role, managing team members, guiding their tasks, and ensuring the quality of their work. Your role will be pivotal in delivering critical project elements efficiently and to an exceptional standard, while also fostering the development of innovative and effective workflows to address client issues.

Your expanded responsibilities will encompass overseeing project scope definition, evidence collection, and technical analysis, providing mentorship and assistance to less experienced team members. You will ensure that their contributions align with project goals and maintain the highest quality standards. As part of your role, you will work within a specialized team that is shaping an advanced Digital Forensics and Incident Response (DFIR) practice for KSA and the Middle East, leveraging support from our international experts. Your role will not only drive project success but also contribute to the professional growth of the team and the continuous improvement of our DFIR, Cyber and eDiscovery capabilities.

Responsibilities:

Respond to cyber incidents reported by clients

Manage cyber incident responses and incident response teams

Lead cyber investigations

Understanding of incident analysis workflow and tools

Quality control reviews of team members deliverables and work processes

Perform project management and engagement risk management activities

Support financial management of individual projects and cyber incident response team

Assist in data management processes, from identification, preservation through to analysis, in close collaboration with relevant teams for the best outcomes.

Investigate security incidents, analysing system and network logs, as well as conducting forensic and malware analysis.

Assess intrusion attempts by reviewing IDS alerts, firewall, network traffic, and system logs to detect unauthorized actions and data breaches.

Perform detailed forensic analysis and develop forensic reports to support our clients in understanding events and actions taken on devices.

Handle security investigations across various operating systems including Windows, Linux/Unix, macOS, iOS, and Android.

Participate in creating project plans, maintaining documentation, and preparing reports to uphold the highest quality standards.

Analyse client requirements and filter complex, unstructured datasets to minimize irrelevant data.

Conduct quality control checks to ensure the accuracy of search results, review workflows, and data processing.

Engage with clients, Ankura team members, and other stakeholders on a daily basis to maintain project momentum.

Support the firm's growth by contributing to pitches, internal training development, and firm marketing activities.

Requirements:

Significant experience at Manager level within management consulting and the Incident Response space

Able to communicate effectively and concisely with high level management and C-suite clients on a frequent basis

Adept in setting up new engagements to support clients in responding to incidents

Capable of managing both short term and long term projects

Understanding of engagement risk

Experience of managing teams and performance management of individuals

Ability to identify opportunities within existing and potential clients

Experience working with non-Windows systems (such as Linux, Unix, Mac)

Scripting/programming experience (specifically Python, C#, VBA, or Powershell)

Experience working in a consultancy environment

Strong desire to work in a team in a collaborative environment to achieve common goals

Exceptional organisational skills

Passion for Cyber Incident Response, and a desire for continuous improvement in expertise

Ability to correlate events from multiple sources to create a timeline analysis across end points of an incident

Understanding of how to leverage existing security applications and appliances to address a compromise or malware/ransomware outbreak

Experience working with Enterprise networks

Understanding of mitigation and clean-up strategies

Proficient in log analysis of multiple types

Ability to analyze complex network packet captures

Understanding of memory, how to capture, data available and analysis skills

Understanding of how to take malware apart from a virtual machine, dynamic malware analysis, and reverse engineering perspective

Master's Degree in Computer Science or Cyber Security, or related field

Ability to travel (including occasional international travel) at short notice.

Available to be on-call 1 in 4 weekends each month

Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email or call toll-free . This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.

R103471