Senior Consultant or Manager, Digital Forensics & Incident Response - Cybersecurity, at BDO Canada
BDO is seeking an experienced Digital Forensics & Incident Response professional to join our growing Cyber Security team. The successful candidate will bring deep investigative and forensic skills to defend our clients from sophisticated cyber‑adversaries. If you’re passionate about forensic analysis, incident response, threat intelligence, and building next‑generation capabilities, this is the opportunity for you.
Responsibilities
Leading complex incident investigations and forensic engagements: endpoint, network, cloud‑native environments, memory, disk, and log analysis.
Performing digital forensic examinations across multiple operating systems and devices using industry‑standard tools (e.g., EDR/EDR‑forensics, EnCase, Rekall, Wireshark, etc.).
Collecting, analyzing, and maintaining critical data sources, including system logs, network traffic captures, EDR telemetry, and threat intelligence feeds, to support investigations and remediation.
Interpreting forensic artifacts, identifying Indicators of Compromise (IoCs), Adversary Techniques, Tactics & Procedures (TTPs), and producing actionable intelligence.
Producing clear, professional incident investigation and forensic reports; translating technical findings into business‑relevant recommendations for clients or internal stakeholders.
Contributing to and refining incident response, forensic, and threat‑hunting playbooks, processes and toolsets.
Collaborating with SOC, threat‑hunting, engineering, and client teams; providing mentorship and training to more junior analysts.
Staying current with emerging threats, forensic methodologies, cloud/enterprise forensics, and the evolving DFIR toolset; driving innovation and continuous improvement across the team.
Success criteria
Demonstrate BDO’s core values: Integrity, Respect and Collaboration in all aspects of work.
Clients describe you as positive, professional, delivering high‑quality investigations and forensic insights.
Show proven success in incident response/forensics engagements and effectively partner with internal/external stakeholders.
Focus on delivering effective service and clear outcomes, not just technical analysis but actionable remediation.
Foster an inclusive and engaging work environment; actively contribute to talent development, best practice sharing and innovation.
Proactively adopt digital tools and strategies that elevate forensic, detection and response capabilities.
Continuously grow your expertise and participate in professional development.
Experience & Education
Undergraduate degree or diploma in Computer Science, Cyber Security, Forensics or related discipline.
Minimum 3‑5 years (or more, depending on seniority) experience in digital forensics, incident response or similar roles.
Demonstrated experience with EDR/XDR, SIEM, network/endpoint forensics, malware triage, memory/disk analysis.
Familiarity with forensic tools, methodologies, chain‑of‑custody, evidence handling.
Solid understanding of adversary TTPs, log analysis, threat intelligence, and frameworks such as MITRE ATT&CK.
Strong verbal and written communication skills—able to translate technical investigation into business/client‑relevant findings.
Strong analytical mindset; critical thinker comfortable operating under incident response deadlines.
Prior consulting or client‑facing forensic/IR experience.
Experience in cloud/virtual environments (Azure, AWS, GCP), and forensics in hybrid/cloud contexts.
Experience coding or scripting (e.g., Python), or query languages (KQL, SQL) for forensic data analysis.
Experience mentoring others or leading smaller forensic/IR teams.
Preferred Certifications
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Examiner (GCFE)
GIAC Certified Forensic Analyst (GCFA)
GIAC Network Forensic Analyst (GNFA)
GIAC Reverse Engineering Malware (GREM)
CrowdStrike Certified Falcon Responder (CCFR), or similar.
Preferred (Secondary) Certifications
Certified Information Systems Security Professional…
Position Requirements
10+ years work experience