Senior Security Consultant - Digital Forensics & Incident Response
🇬🇧 United Kingdom
We are seeking an experienced and highly capable Senior Digital Forensics & Incident Response (DFIR) Consultant to support the delivery of cyber incident response and forensic services to both external clients and internal stakeholders.
The primary focus of this role is the delivery of high-quality DFIR services to external clients, ensuring timely, professional, and effective incident response capabilities. In addition, the role will support internal cyber security operations, resilience improvements, and incident management initiatives.
Working closely with Security Operations Centre (SOC) and Infrastructure Operations Centre (IOC) teams, the successful candidate will help identify, contain, investigate, and remediate cyber threats while continuously improving security posture and operational maturity.
The successful candidate will bring deep technical expertise in digital forensics, threat analysis, and incident response, combined with the ability to operate effectively in a fast-paced, client-facing environment.
Key Responsibilities
Incident Response & Investigation
- Support and coordinate end-to-end cyber incident response activities, including identification, containment, eradication, recovery, and post-incident review.
- Conduct investigations across client and internal environments to determine root cause, impact, and remediation actions.
- Investigate cyber incidents including ransomware, business email compromise (BEC), malware infections, unauthorised access, insider threats, and other security events.
- Provide specialist DFIR expertise during major incidents and support incident management activities.
- Assist with incident escalation, coordination, and technical decision-making.
Digital Forensics
- Conduct detailed forensic investigations across endpoints, servers, cloud environments, and network infrastructure.
- Perform evidence acquisition, preservation, analysis, and reporting while maintaining strict chain-of-custody procedures.
- Utilise forensic tools and methodologies to identify attack vectors, determine root cause, and assess impact.
- Produce clear, structured forensic reports suitable for both technical and executive audiences.
Client Engagement
- Act as a trusted advisor to clients during cyber incidents.
- Provide regular updates, technical guidance, and remediation recommendations.
- Support client briefings, executive reporting, and post-incident review sessions.
- Deliver services in line with contractual obligations, industry standards, and regulatory requirements.
Threat Detection & Continuous Improvement
- Collaborate with SOC and IOC teams to identify, investigate, and respond to emerging threats.
- Support proactive threat hunting and compromise assessment activities.
- Develop and enhance incident response playbooks, procedures, and best practices.
- Contribute to lessons learned activities and continuous improvement initiatives.
- Mentor and support junior analysts and SOC personnel where required.
Essential Experience
- Significant experience delivering Digital Forensics and Incident Response (DFIR) services within enterprise and/or client-facing environments.
- Proven experience investigating cyber security incidents, including ransomware, phishing, malware infections, business email compromise, and unauthorised access incidents.
- Experience conducting forensic investigations across endpoints, networks, and cloud environments.
- Experience working closely with Security Operations Centre (SOC) teams.
- Demonstrable experience delivering cyber security services to external clients.
- Strong understanding of incident response methodologies and cyber security best practices.
Technical Skills
Essential
- Strong knowledge of endpoint and network forensic investigation techniques and tools.
- Experience with Security Information and Event Management (SIEM) platforms.
- Deep understanding of threat detection methodologies and attacker behaviours.
- Strong knowledge of Windows environments.
- Experience investigating incidents within cloud platforms such as Microsoft Azure and AWS.
- Understanding of evidence handling, legal considerations, and chain-of-custody requirements.
- Ability to analyse and interpret security logs, alerts, and forensic artefacts.
Desirable
- Malware analysis experience.
- Experience with EDR/XDR technologies.
- Threat hunting and threat intelligence experience.
- Scripting and automation skills using Python, PowerShell, or similar technologies.
- Experience supporting regulated or security-sensitive environments.
Personal Attributes
- Confident and experienced DFIR professional with a strong client-facing approach.
- Able to remain calm and methodical under pressure, particularly during high-severity incidents.
- Excellent communication skills with the ability to translate complex technical findings into clear, actionable insights.
- Collaborative and team-oriented, working effectively with SOC, IOC, infrastructure, and client teams.
- Strong analytical and problem-solving skills with exceptional attention to detail.
- Professional, adaptable, and capable of managing multiple priorities in a fast-paced environment.
Additional Requirements
- Eligible for UK SC Security Clearance.
- Must be physically based in the United Kingdom.
- Willing to work from our Manchester office a minimum of three days per week.
- Willingness to participate in out-of-hours incident response activities where required.
What We're Looking For
You are a technically strong DFIR professional who thrives in fast-paced environments and enjoys solving complex cyber security challenges. You are comfortable investigating incidents, engaging directly with clients, and working alongside SOC and infrastructure teams to deliver effective outcomes during critical cyber events.
Most importantly, you bring strong technical expertise, professionalism, and a customer-focused approach, ensuring clients receive trusted guidance and support throughout the incident lifecycle.
Why people choose to grow their careers at UBDS Group
Professionals choose to grow their careers at UBDS Group for its reputation as a dynamic and forward-thinking organisation that is deeply committed to both innovation and employee development. At UBDS Group, employees are given unique opportunities to work on cutting-edge projects across a diverse range of industries, exposing them to new challenges and learning opportunities that are pivotal for professional growth. The Group’s culture emphasises continuous improvement, offering ample training programs, mentorship, and the chance to gain certifications that enhance their skills and marketability.
UBDS Group fosters a collaborative environment where creativity and innovation are encouraged, allowing employees to contribute ideas and solutions that have a tangible impact on the company and its clients. This combination of professional development, a culture of innovation, and the opportunity to make meaningful contributions makes UBDS Group an attractive place for those looking to advance their careers and be at the forefront of technological and operational excellence.
Employee Benefits
- Training – All team members are offered a number of options for personal development, whether technically led, business acumen or methodologies. We want you to grow with us and to help us achieve more.
- Private medical cover for you and your spouse/partner, offered via Vitality
- Discretionary bonus based on a blend of personal and company performance
- Holiday – You will receive 25 days' holiday, plus 1 day for your birthday and 1 day for your work anniversary, in addition to UK bank holidays
- Electric Vehicle leasing with salary sacrifice
- Contributed Pension Scheme
- Death in service cover
About UBDS Group
At UBDS Group our mission is to support entrepreneurs who are setting new standards with technology solutions across cloud services, cybersecurity, data and AI, ensuring that every investment advances our commitment to innovation, making a difference, and creating impactful solutions for organisations and society.
Equal Opportunities
We are an equal opportunities employer and do not discriminate on the grounds of gender, sexual orientation, marital or civil partner status, pregnancy or maternity, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.