Senior Digital Forensics and Incident Response Consultant

Senior Digital Forensics and Incident Response Consultant

Join to apply for the Senior Digital Forensics and Incident Response Consultant role at NTT DATA

Direct message the job poster from NTT DATA

NTT DATA is one of the world’s largest global security service providers, partnering with some of the most recognized security technology brands. We’re looking for passionate, curious, and motivated individuals to join our team. Using your advanced expertise in digital forensics, incident response, and cyber threat investigation, you will lead complex DFIR engagements, conduct advanced forensic analysis across diverse platforms, and provide authoritative guidance during major security incidents.

You will work independently on sophisticated investigations, coordinate multi‑disciplinary incident response activities, and deliver expert testimony and forensic reporting while mentoring junior investigators and analysts.

This position offers Hybrid flexible working options.

Please note, you will need to be eligible for SC clearance.

• Lead complex digital forensic investigations across Windows, Linux, macOS, mobile, and cloud platforms
• Conduct advanced disk, memory, network, and malware forensic analysis with minimal supervision
• Perform forensically sound evidence acquisition from diverse systems and environments
• Analyze complex attack chains, lateral movement, and advanced persistent threat activities
• Reconstruct incident timelines and attacker methodologies from forensic artifacts
• Provide expert forensic analysis for legal proceedings, regulatory investigations, and internal reviews

• Lead major incident response engagements for sophisticated cyber attacks and data breaches
• Coordinate multi‑team incident response activities across technical, legal, and business stakeholders
• Perform advanced threat hunting, containment, eradication, and recovery activities
• Develop and execute incident response strategies for complex security events
• Interface with executive leadership, legal counsel, and regulatory bodies during major incidents
• Conduct post‑incident reviews and develop remediation roadmaps

• Conduct static and dynamic malware analysis on sophisticated threats and custom malware
• Perform reverse engineering of malicious code to understand capabilities and attribution
• Analyze exploitation techniques, persistence mechanisms, and command and control infrastructure
• Develop indicators of compromise (IOCs) and detection signatures from malware analysis
• Document malware behavior, capabilities, and remediation procedures
• Contribute to threat intelligence with malware analysis findings and IOCs

• Lead forensic investigations in cloud environments including AWS, Azure, and GCP
• Conduct container and Kubernetes forensic analysis for cloud‑native incidents
• Analyze cloud logs, API calls, and identity activity for security investigations
• Perform forensic acquisition and analysis of cloud workloads and serverless environments
• Investigate cloud‑specific attack vectors including misconfigurations and identity compromise
• Develop cloud forensic methodologies and investigation playbooks

• Analyze threat actor tactics, techniques, and procedures (TTPs) using MITRE ATT&CK framework
• Conduct threat attribution analysis based on forensic artifacts and intelligence sources
• Correlate internal incident data with external threat intelligence feeds
• Identify advanced persistent threat campaigns and targeted attack patterns
• Develop tactical and strategic threat intelligence from investigation findings
• Share threat intelligence with industry partners and information sharing communities

• Provide expert witness testimony in legal proceedings and regulatory investigations
• Prepare forensic reports meeting legal and regulatory evidentiary standards
• Work with legal teams on e‑discovery, litigation support, and regulatory response
• Maintain chain of custody and forensic integrity throughout investigations
• Present technical findings to non‑technical audiences including courts and…