Associate Director, Cyber Response (Technical)
Control Risks, United Kingdom

This is an Associate Director role with responsibility for delivering and selling Control Risks cyber response projects to clients. This involves leading the technical aspects of the cyber response practice, managing our technical team members as well as managing client relationships.

This role will report to the Director and Head of Cyber Response and work closely with the Cyber Crisis Management team.

The successful candidate will have a strong technical skill set, understanding of the cyber incident response market and a deep understanding of current and emerging advanced threat actors.

Tasks and Responsibilities

Technical response

• Overseeing incident response cases for all host and network based investigations, be responsible for the overall quality of our technical incident response work. Leveraging the Digital Forensics Incident Response (DFIR) team to deliver work where necessary.
• Ownership of the entire lifecycle of a cyber incident including identification, containment, eradication and recovery. A particular area of speciality in eradication and recovery from an incident.
• Threat hunting using EDR Tooling to evaluate an attacker's spread through a system and network, anticipating and thwarting further attacker activity.
• Perform live compromise assessments for organisations who suspect a compromise.
• Detect and hunt unknown live, dormant, and custom malware in memory across multiple systems in an enterprise environment.
• Demonstrate a deep understanding of both existing and emerging threat actors, as well as experience identifying rapidly changing tools, tactics and procedures of attackers.
• Advise on the safe technical recovery of an organisations IT systems balancing the need to understand what has happened but speed up recovery.
• Be responsible for Control Risks technical Cyber Response strategy. Identify, design and then implement solutions that meet these strategic objectives.

Reporting

• Provide situation reports and other significant case related material to the client and the Director of Cyber Response.
• Provide documentation to the relevant consultants in sufficient time to allow review and feedback, before submitting to a client.
• Report on the performance of the Technical Cyber Response work and forecast technical and resource requirements in the near and long term.

Team management

• Establish resourcing requirements for our already growing Cyber Response practice, hire and then manage these technical individuals.
• Establish relationships with key recruiters and where possible align with the Cyber Crisis Management teams resourcing plans.
• Align with and help to expand the already re-occurring Internship Programme and where business need requires onboard interns into the technical team.
• Define clear roles and responsibilities for new hires including a learning pathway for training amp; development.
• Ensure new joiners have appropriate time dedicated to technical development and research whilst balancing un-predictable workload.

Governance

• Own the technical response Standard Operating Procedures, working with the team to ensure they are kept up to date with the latest threats.
• Ensure issues identified during delivery of cases are identified, escalated and resolved efficiently.

Requirements

• Proven experience in technically responding to significant and complex cyber attacks and information security related advisory
• Proven experience of managing and/or building the requisite technologies necessary for responding to a wide variety of common cyber security incidents
• Demonstrable experience of operating within a commercial environment and engaging with key stakeholders in insurance and risk management.
• Technical degree or demonstrated knowledge of common networks, software and hardware used in business environments
• Experience in conducting log analysis and digital forensics following a cyber incident
• Experience of working with law firms, communications experts, and others on sensitive investigations.
• Track record of developing consultative relationships with clients

Benefits

• Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarised in the full job offer.
• We operate a discretionary global bonus scheme that incentivises, and rewards individuals based on company and individual performance.
• Control Risks supports hybrid working arrangements, wherever possible, that emphasise the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.
• As an equal opportunities employer, we encourage suitably qualifie

Job Rewards and Benefits