Senior Security Consultant - Digital Forensics & Incident Response

The UBDS group is seeking a highly skilled Senior Digital Forensics and Incident Response (DFIR) Consultant to lead and support complex cyber incident investigations and response activities.

The primary focus of this role is the delivery of DFIR services to external clients, ensuring high-quality, timely, and professional incident response and forensic capabilities. In addition, the role will support internal cyber security operations and improvement initiatives as required.

This role will work closely with Security Operations Centre (SOC) and Infrastructure Operations Centre (IOC) engineers to identify, contain, and remediate cyber threats, while enhancing both client and internal cyber resilience. The successful candidate will bring deep technical expertise in digital forensics, threat analysis, and incident response, combined with the ability to operate effectively in a fast paced, client-facing environment.

Key Responsibilities

• Lead end-to-end incident response activities for both external clients and internal environments, including identification, containment, eradication, and recovery
• Conduct detailed digital forensic investigations across endpoints, networks, and cloud environments
• Collaborate with SOC/IOC engineers to detect and respond to threats in real time
• Act as a trusted advisor to external clients during cyber incidents, providing clear guidance and updates
• Develop and refine incident response playbooks, procedures, and best practices for both client engagements and internal use • Provide expert guidance during major incidents, including stakeholder communication and reporting
• Support proactive threat hunting initiatives in collaboration with SOC teams
• Produce clear, structured forensic reports suitable for both technical and non technical audiences
• Ensure evidence is handled in line with legal and regulatory standards, maintaining chain of custody
• Contribute to continuous improvement of cyber security posture through lessons learned and post-incident reviews (both client and internal)
• Mentor and support junior SOC team members where required

Role Requirements

Experience

• Significant experience in Digital Forensics and Incident Response (DFIR) within enterprise or client-facing environments
• Proven track record managing and leading complex cyber incident investigations
• Experience working closely with Security Operations Centre (SOC) teams
• Demonstrable experience delivering cyber security services to external clients Technical Skills:
• Strong knowledge of endpoint and network forensics tools
• Experience with Security Information and Event Management (SIEM) platforms
• Deep understanding of threat detection methodologies
• Familiarity with Windows, and cloud environments (e.g. MS Azure / AWS) • Knowledge of malware analysis techniques and tools
• Scripting or automation skills (e.g. Python, PowerShell) desirable

Certifications (desirable but not essential):

• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensic Analyst (GCFA)
• Certified Information Systems Security Professional (CISSP)
• CREST Certified Incident Manager (CCIM) or equivalent

About You

• You are a confident and experienced DFIR professional with a strong client-facing approach
• You are able to remain calm and methodical under pressure, particularly during high-severity incidents
• You possess excellent communication skills, with the ability to translate complex technical findings into clear, actionable insights for clients and stakeholders
• You are collaborative in nature and enjoy working closely with SOC and IOC engineers to achieve effective outcomes
• You demonstrate strong analytical and problem-solving skills, with a keen attention to detail
• Eligible for UK SC Security Clearance
• Willing to work from our Manchester office at least 3 days a week