logo

Director, Digital Forensics and Incident Response

Job Description

Aon is looking for a Director, Digital Forensics and Incident Response

As part of an industry-leading team, you will help drive results for our clients by delivering innovative and effective solutions supporting Commercial Risk - Cyber Solutions in Los Angeles, CA; Boston, MA; Chicago, IL; Washington DC; Dallas TX; New York, NY or Remote/Virtual. As a Director, you will be a leader within the DFIR practice and report directly to either a Vice President or Managing Director.  

 

Your impact as a Director:

As a Director, you will lead teams of professionals working high-stakes, high-profile incident response investigations for our clients as well as performing hands-on analyses yourself.  You are expected to bring significant experience in the cybersecurity and technical consulting industries to bear on your casework.  You will scope, coordinate, oversee, and conduct analyses on client engagements which necessarily requires familiarity with ever-evolving technologies. As a leader within the DFIR practice, you will have direct impact and appropriate responsibility for the quality of work produced by the practice as well as identifying and implementing appropriate measures to protect our long-standing reputation as a best-in-class provider of DFIR services.

 

Job Responsibilities:

  • Incident Response Investigations
    • Lead client engagement efforts from initial scoping calls to report delivery, including developing budgets and working with Engagement Managers to provide regular status updates.
    • Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based analysis and lead investigative teams.
    • Counsel clients in distress and provide guidance around containment and remediation measures across all major operating systems and network device platforms.
    • Produce high quality oral and written work product presenting complex technical issues clearly and concisely.
    • Ensure that client matters are staffed adequately and efficiently and that agreed deadlines are met.
    • Liaise with external stakeholders, including counsel, vendors, and law enforcement agencies.
    • Draft and conduct peer review of expert reports, affidavits, and other expert testimony, as necessary.
  • People
    • Actively support the mentorship and technical development of junior DFIR personnel.
  • Supervise other DFIR staff, including coordinating teams of experts, assuring stellar work product, and assisting with performance reviews and mentorship of cybersecurity experts.
    • Seek opportunities to broaden expertise of DFIR personnel through in-house and outside training.
    • Ensure the smooth functioning of the forensic laboratory under your direct supervision (if applicable); foster teamwork, information sharing, and inter-office collaboration and consistency.
  • Practice Management
    • Collaborate with Marketing and other stakeholders on collateral and thought leadership content.
    • Participation in technical meetings and working groups to address issues related to malware security, vulnerabilities, and issues of cybersecurity and preparedness.

 

You Bring Knowledge and Expertise

 

Required Expertise:

  • Strong work ethic and even stronger analytic, quantitative, and creative problem-solving abilities.
  • Outstanding client service skills and a high level of professionalism.
  • Ability to anticipate and respond to changing priorities and operate effectively in a dynamic, demand-based environment, requiring flexibility and responsiveness to client matters and needs.
  • Deep experience with most common operating systems (Windows, macOS, Linux, iOS, Android) and their file systems (ext3/4, HFS+, APFS, NTFS, exFAT, etc.).
  • Proficiency with industry-standard forensic toolsets, including X-Ways, EnCase, Axiom/IEF, Cellebrite/UFED, and FTK.
  • Experience with conducting log analysis of various types of logs, including Windows Event Logs, Apache, IIS, and firewall logs.
  • Clarity in written and oral communication.
  • Confidence, humility, and a commitment to learning and teaching others in a collaborative environment of talented high performers.
  • Comfort with intermittent periods of significant travel, evening and weekend hours.

 

Preferred Experience:

  • GCFE, GCIH, CCE, EnCE or equivalent digital forensics / incident response certification.
  • Experience with enterprise cloud infrastructures such as Amazon Web Services, G Suite, Office 365, and Azure.
  • Proficiency with database querying and analysis.
  • Interest in building intellectual capital for the firm by writing blogs, submitting to CFPs, and creating internal tools for analysis.

 

Education:

  • Bachelor’s degree required. 7+ years or more of sustained excellence in the Incident Response industry

 

 

We offer you

 

A competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization.

 

 

Our Colleague Experience:

 

From helping clients gain access to capital after natural disasters, to creating access to health care and retirement for millions, Aon colleagues empower results for our clients, communities, and each other every day.  They make a difference, work with the best, own their potential, and value one another.  This is the Aon Colleague Experience, defining what it means to work at Aon and realizing our vision of empowering human and economic possibility. To learn more visit Aon Colleague Experience.

 

 

 

 

About Aon:

Aon plc (NYSE:AON) is a leading global professional services firm providing a broad range of risk, retirement and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance.

 

By applying for a position with Aon, you understand that, should you be made an offer, it will be contingent on your undergoing and successfully completing a background check consistent with Aon's employment policies. Background checks may include some or all of the following based on the nature of the position: SSN/SIN validation, education verification, employment verification, and criminal check, search against global sanctions and government watch lists, fingerprint verification, credit check, and/or drug test.  You will be notified during the hiring process which checks are required by the position.

 

Aon provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, or domestic partner status.  Aon is committed to a diverse workforce and is an affirmative action employer.

 

DISCLAIMER:
Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.

 

IND-US

2467050