Cyber Security DFIR Specialist

Belfast, Northern Ireland, United Kingdom

Job company KPMG Ireland
Size 1,001-5,000 employees
Job specification: Posted by

Laura White

Manager, Recruitment | Recruitment Marketing at KPMG Ireland

Send InMail
We are currently seeking to hire a Cyber Security Senior Consultant (Incident Response Specialist) to join our Cyber Security practice, based in Belfast city centre.

This is a hands-on role with opportunities to grow into management. The successful candidate is expected to manage cyber-security incidents as well as perform digital forensics (disk, volatile memory, network packets, logfiles) and help advance KPMG’s proprietary in-house toolkit.

In this role we are looking for a person who can demonstrate strong technical background, experience in incident response and digital forensics and is looking to grow skills and experience. You will be expected to lead one or two analysts to achieve a task in a project, as well as having the opportunity to work with, and learn from, our most experienced team members as part of your continuous development.

When not responding to incidents, you will help our clients to build their in-house incident response capabilities, which will include: building and developing cyber-response tools, authoring and adapting runbooks/playbooks, assessing the incident response maturity, assisting in table-top cyber-scenario exercises.

We will welcome applications from candidate with a good competency in incident management, but with a developing competency and keen interest in digital forensics, or vice versa. KPMG will provide training and coaching to help you continually improve your skills. Strong technical competency - intermediate

We Ideally Need You To Have The Following

At least 3 years work experience in cyber security and incident response.
Excellent communication skills (both written and oral) and project management skills.
Strong IT and network skills – knowledge of common enterprise technologies – Windows and Windows Active Directory, Linux, Cisco, etc.
Working programming skill-set to be able to author and develop tools. Most in-house security tools in KPMG are written in Python, but we accept that a competent programmer will be able to transfer skillsets across languages.
Technical proficiency in at least one of these areas: network security/traffic/log analysis; Linux and/or Mac/Unix operating system forensics; Linux/Unix disk forensics (ext2/3/4, HFS+, and/or APFS file systems), advanced memory forensics, static and dynamic malware analysis / reverse engineering, advanced mobile device forensics
Advanced experience in industry computer forensic tools such as X-Ways, EnCase, FTK, Internet Evidence Finder (IEF) / AXIOM, TZWorks, and/or Cellebrite
Advanced experience in preservation of digital evidence (including experience preserving cloud data and handling encryption such as BitLocker, FileVault, and/or LUKS)
Experience with and understanding of enterprise Windows security controls
(Preferred) Degree level qualified, MSc in Information Security, IT or relevant STEM subjects.
(Preferred) General information security certificates such CISSP, CISM or CISA.
(Preferred) Incident management certifications such as:

CREST certified incident manager (CCIM).
GIAC Certified Incident Handler (GCIH)
(Preferred) Digital forensics certificates such as:

CREST certified registered intrusion analyst (CRIA),
CREST certified network intrusion analyst (CCNIA),
CREST certified host intrusion analyst (CCHIA),

Your work will be varied. Below will be some of your core responsibilities:

Help manage and co-ordinate cyber security incidents for our clients, working closely with the incident management lead within the team.
Digital forensics of relevant incident data (disk, volatile memory, network packets, log files).
Maintaining a current view of the cyber threat and being able to advise clients on the threat landscape and attacks which may be relevant to them.
Develop KPMG’s in-house cyber-response tools
Help assess client incident response capability maturity.
Help stand-up or improve clients’ own incident response capabilities.
Help with project management of engagements to deliver high quality work in a timely manner, including:
Basic financial management
Engagement and risk management
Production and review of deliverables.
Liaising with clients on delivery, implementation and sales issues.


KPMG Cyber Security team has become one of the leading cyber security practices in the world and has been identified as a leader consecutively by international analyst firms. We have in-depth experience in cyber security transformation and strategic engagements across many sectors in multiple jurisdictions.

We Offer More Than Just a Career Opportunity

Rewarding and challenging work in a fast-paced environment.
A thriving sports and social community.
An in-house award-winning team of training specialists who will help you achieve your career goals.

Hard Work Is Rewarded At KPMG

We offer excellent remuneration packages at all levels. At this level the package includes an extremely competitive base salary and opportunities to advance to Management level in a short timeframe.


We are proud to be an equal opportunity employer. Creating an inclusive culture where all our people achieve their potential is fundamental to our business. In addition, our employees have the option to avail of our flexible working policies/intelligent working arrangements. To learn more about diversity at KPMG, click


If you are interested in the above role, please submit a CV via the apply button.

For an interactive insight into life at KPMG, make sure to follow us on social media! We can be found on LinkedIn, Twitter, Facebook and Snapchat at the following handle- @KPMGCareersIRL.

By clicking apply to this role your application will not only be considered for this position, but your details will be stored on our database and may be considered for similar future positions that may arise. This means that the personal data contained in your application and provided to KPMG as part of the application process may be retained by us for up to 18 months from the date of your application and you hereby agree to that. If you do not wish your details to be stored on our recruitment database, please email stating this and we will ensure that such information is not stored other than for the purposes of this application.

Seniority Level


Information Technology & Services Management Consulting Financial Services
Employment Type


Job Functions
Engineering Information Technology
More jobs in this location:
Cyber Security Jobs United Kingdom
Cyber Security Jobs Northern Ireland