BDO Canada is seeking an experienced Digital Forensics & Incident Response professional to join our growing Cyber Security team. The successful candidate will bring deep investigative and forensic skills to defend our clients from sophisticated cyber-adversaries.
Responsibilities
Leading complex incident investigations and forensic engagements across endpoint, network, and cloud-native environments, including memory, disk, and log analysis.
Performing digital forensic examinations across multiple operating systems and devices using industry-standard tools (e.g., EDR, EnCase, Rekall, Wireshark).
Collecting, analyzing, and maintaining critical data sources including system logs, network traffic captures, EDR telemetry, and threat intelligence feeds to support investigations and remediation.
Interpreting forensic artifacts, identifying Indicators of Compromise and adversary TTPs, and producing actionable intelligence.
Producing clear, professional incident investigation and forensic reports; translating technical findings into business‑relevant recommendations.
Contributing to and refining incident response, forensic and threat‑hunting playbooks, processes and toolsets.
Collaborating with SOC, threat‑hunting, engineering, and client teams; providing mentorship and training to more junior analysts.
Staying current with emerging threats, forensic methodologies, cloud/enterprise forensics, and driving innovation and continuous improvement.
Success Metrics
Demonstrates BDO’s core values: Integrity, Respect and Collaboration.
Delivers high‑quality investigations and forensic insights to clients.
Effectively partners with internal and external stakeholders.
Provides actionable remediation recommendations.
Contributes to talent development and innovation.
Adopts digital tools and strategies to elevate capabilities.
Continually grows expertise and participates in professional development.
Education & Experience
Undergraduate degree or diploma in Computer Science, Cyber Security, Forensics or related discipline.
Minimum 3‑5 years of experience in digital forensics, incident response or similar roles.
Experience with EDR/XDR, SIEM, network/endpoint forensics, malware triage, memory/disk analysis.
Familiarity with forensic tools, methodologies, chain‑of‑custody, evidence handling.
Solid understanding of adversary TTPs, log analysis, threat intelligence and MITRE ATT&CK.
Strong verbal and written communication skills; able to translate technical investigation into business findings.
Strong analytical mindset; critical thinker comfortable operating under incident response deadlines.
Prior consulting or client‑facing forensic/IR experience.
Experience in cloud/virtual environments (Azure, AWS, GCP) and forensics in hybrid/cloud contexts.
Experience coding or scripting (Python) or query languages (KQL, SQL) for forensic data analysis.
Experience mentoring others or leading smaller forensic/IR teams.
Preferred Certifications
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Examiner (GCFE)
GIAC Certified Forensic Analyst (GCFA)
GIAC Network Forensic Analyst (GNFA)
GIAC Reverse Engineering Malware (GREM)
CrowdStrike Certified Falcon Responder (CCFR)
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional (CCSP)
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM)
Diversity, Equity & Inclusion
BDO Canada is committed to a workplace culture of respect, inclusion, and diversity. We recognize and celebrate the valuable differences among each of us. If you require accommodation to complete the application process, please contact us.
Application
Ready to make your mark at BDO? Click “Apply now” to send your up‑to‑date resume to one of our Talent Acquisition Specialists.
Position Requirements
10+ years work experience