Senior Associate Cyber / DFIR

Location: Mumbai The Role This position is integral to Ankura's Cyber Security and Digital Forensics team. Based in Mumbai, the individual will be deeply involved in advanced aspects of Cyber Security Incident Response (IR) and Digital Forensics. The role requires a blend of technical expertise, analytical skills, and a proactive mindset to handle complex cyber threats and security incidents. The selected candidate will undergo advanced training in digital forensics, incident response, and cyber threat intelligence to enhance our defensive and investigative capabilities. Primary Responsibilities

• Work on client engagements and communicate with client stake holders
• Perform Root cause analysis / investigation of cyber attacks directed against the clients’ networks and systems and identifying indicators of compromise
• Ability to quickly and accurately triage security events and incidents to stop immediate threats using knowledge of cyber-attacks and data analysis skills.
• Develop playbooks and processes for incident management and response
• Plan for business continuity and disaster recovery in event of security incident
• Perform tests, exercises, and drills of all response plans
• Ability to forensically acquire, preserve electronic data stored on end user machines, servers, cloud etc. on site or remotely.
• Ability to conduct in-depth investigation & research including forensic analysis, deleted data recovery, carving by gathering data and information from variety of sources.
• Ability to analyse data, prepare report and present findings coherently.
• Coordinating research & development on new threats, monitoring dark web and working closely with team members.
• Review and assess inbound emergency escalations, make immediate decisions based on variety of complex factors and coordinate with and advise internal and external parties / clients on securing the IT infrastructure

• Minimum 5 to 6 years of hands-on experience in Digital Forensics / Cyber Security Incident Response.
• Proficiency with advanced digital forensic tools (such as Magnet Axiom, Cellebrite, FTK).
• Experience in investigating cyber breaches e.g. Business Email Compromise (BEC), malware, ransomware, etc.
• Strong understanding of network protocols, encryption technologies, and endpoint security solutions.
• Understanding of operating systems, e.g., Windows, Mac, Linux, iOS, and Android
• Flexible team player, with strong interpersonal skills.
• Ability to multitask on various projects.
• Bachelor's or Master's degree in Information Technology, Cyber Security, Digital Forensics, or a related field.
• Scripting will be a plus point to the team - Python, C, Bash, Shell, etc.
• Preferred Certifications: GCFA/GCFE/GNFA/EnCE, CCFP, GCFA, GCIH
• Self-starter requiring minimal direction
• Excellent communication skills, should be experience adapting communication style to suit different stakeholders like cross-functional teams, India and overseas