Renata
Back to jobs
NCC Group

Principal Consultant - DFIR

NCC Group
NLD RijswijkPosted 1 months ago
Full Timeonsite

Job Description

Principal Consultant - DFIR

Department: Cyber Services and Capabilities

Employment Type: Full Time

Location: NLD Rijswijk

Description

To manage and service NCC Group clients within the Digital Forensics and Incident Response space. 

The Principal DFIR Consultant plays a pivotal role within the team of seasoned analysts, actively participating in the analysis, and response to security incidents and events. With a focus on continuous learning and collaboration the Principal’s are adaptable to most events in challenging and dynamic situations. Through the application of deep technical skills and a strong dedication to detail-oriented analysis the Principal DFIR Consultant plays an extensive role supporting clients.  

The Role will carry Line Management opportunities and able to support and mentor all team members. Additionally, the role carries internal cross service support reviewing collaboration and efficiencies.  



Key Responsibilities

  • Managing and coordinating a cohesive team, ensuring effective collaboration, clear communication, and efficient workflow throughout technical engagements. 
  • Responding to emergency incidents, including mitigation and remediation activities. 
  • Maintaining composure and effectiveness in client Incident Management scenarios. 
  • Providing clients with high-quality technical investigations. 
  • Collaborating in the identification, resolution, and documentation of security incidents. 
  • Conducting intelligence-driven investigative analysis. 
  • The ability to discuss wider technology and security posture with a client ultimately to perform Cyber Threat assessments. 



Skills, Knowledge & Expertise

  • Ample experience in incident response, security operations or strategic security consulting. 
  • Strong technical knowledge, including the ability to conduct analysis in support of cyber incident response activities (to include an understanding of network analysis, host investigation including forensics, malware analysis). 
  • Significant experience in a Digital Forensics environment. 
  • Experienced in the use of a case management system. 
  • Perform advanced host (Log, OS, memory, EDR) network, and cloud system forensics, log analysis, and malware triage in support of incident response investigations. 
  • Experience evaluating client security controls, architecture, and operations.  
  • Experience crafting scripts (Perl, python, PowerShell, bash) and tools to further enhance incident investigative efforts. 
  • Experience triaging Windows and Linux hosts.  
  • Experience with Network Traffic Analysis.  
  • Experience with Log Data Analysis. 
  • Proven ability to explain technical output to a non-technical audience, including at an executive and C-Suite level. 
  • Experience working in 24x7 environments and turns. 
  • Ability to lead large sized projects as a lead and take responsibility for analysis and reporting. 
  • Strong interpersonal and communication skills, including report-writing and presentation skills. 
  • The ability to identify attacker Tactics, Techniques and procedures (TTPs) and to develop indicators of compromise. 
  • A relevant professional certification such as CREST CPIA/CRIA/CCNIA/CCHIA or SANS GCFA/GNFA/GCIH will be preferred.  
  • Strong understanding of common enterprise technologies and configuration, including could platforms such as Azure, M365, AWS and GCP. 



Why NCC Group?

At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.  
 
Our colleagues are our greatest asset, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support. 
 
Our mission in the Digital Forensics and Incident Response Team is to be recognized by clients, analyst and partners as world-class player.  
 
Our vision:  
  • A trusted advisor at the juncture of cyber and legal, we are a global team of experts with local presence. ​ 
  • We help you understand and mitigate threats, from external or internal sources.​ 
  • We are there when you need us the most. We help you navigate complex issues often under pressure of time: identifying, preserving, processing and examining digital evidence.​ 
  • We use technology and insights to discover, analyze and present facts. ​ 
Our advice is unbiased. Our reports are concise. 
About NCC Group
Website
Principal Consultant - DFIR at NCC Group | Renata