Ankura is a team of excellence founded on innovation and growth.

This position supports the Cybersecurity team within the Data & Technology business- one of seven practices focused on client delivery services across the Firm.

Ankura is one of the top five fastest growing consulting firms with more than 2,000 employees in more than 36 offices worldwide, providing a range of services to both the private and public sectors. Ankura's global EMEA Data & Technology team offers a wide range of services designed primarily to help other organizations quickly get their security incidents under control. Using incident response, digital forensics, threat intelligence and eDiscovery, we offer a holistic approach to getting on the attackers' trail.

The EMEA Cybersecurity & Privacy practice is growing and has ambitions to expand its capabilities from a strong base in incident response, intelligence and investigations into additional proactive security and managed detection & response services.

Why Join Ankura• Have the opportunity to get involved with both Proactive and Reactive client work.• Join a global diverse team working across the EMEA region.• We can support and develop individuals who aspire to be an expert.• Opportunities for career development, an assigned career mentor, access to Ankura Academy, and opportunities to collaborate on projects with other Ankura practices.• Work within a collaborative environment, whereby our professionals have the freedom to innovate which promotes curiosity, learning and communication.

The goal of this role is for applicants at this grade to support the team across different service offerings Ankura take to market, depending on client demand and professional interests. Usually, team members are expected to contribute to all our offerings and eventually major on a primary discipline as their career develops with us.

Role Overview:

As a (Senior) Associate, you will be a member of the cybersecurity investigations team: familiar with the practice’s customer support objectives and responsible for performing threat discovery and analysis activities while conveying your results to the internal team and external customers.

Responsibilities:

Your responsibilities will include, but will not be limited to, the following:Examples of Digital Forensics and Incident Response Responsibilities• Participate in cyber incident response investigations that may require log, forensic, host based and malware analysis.• Performing digital forensic data acquisition, preservation and analysis, including comprehensive contemporaneous note taking.• Collect and analyze firewall logs, network traffic logs and host system logs to evaluate whether unauthorized access or information exfiltration occurred.• Perform forensic analysis to identify the presence of any malware, malware capabilities and understand the actions performed by the malware.• Conduct security investigations in Windows and/or Linux/Mac environments.• Provide input into client communications, both written and oral, related to analyses performed for senior level review.

Examples of Proactive Security Advisory Responsibilities:

• Develop an understanding of a client’s security posture to guide them in identifying, analyzing and addressing cyber related threats and risks.• Perform and support evaluation of cybersecurity programs based upon a recognized framework or regulation e.g. NIST Cybersecurity Framework, NIS2 Directive, PCI Data Security Standard, ISO Standards, etc.• Perform technical testing of clients’ environments including best practice audits, network assessments, penetration testing and vulnerability assessments.• Carry out cyber security assessments across a range of technology architectures including cloud and hybrid models.

General Responsibilities:

• Develop and deliver recommendations, reports, and presentations outlining findings from projects and summarizing results of work performed.• Maintain detailed working records reflecting assumptions, methodologies, and information sources employed during the performance of all analytical tasks.• Manage time and tasks to meet internal and external deadlines.• Maintain professional image within the company and project the same to those outside of the company.• Support the day-to-day activities of engagements including interaction with other team members, subject matter experts, and client contacts.• Provide input into client communications, both written and oral, throughout the lifecycle of the project.

Qualifications & Experience:

• Degree (Bachelor or Master) in all fields related to Cyber Security, Computer Science, Engineering, information technology and other technical majors with 3+ years of industry experience and gained experience working on client facing engagements in a consulting firm.• Holder of industry qualifications are preferred, but not required:CISSP, SANS, CISA, PMP, CISM, CREST, OSCP/OSCE, GWAPT, GXPN, GPEN and/or similar Forensics / Cyber Security certification(s)

Consulting Skills and Behaviors

• Passion for Cyber Security or Incident Response and a desire for continuous improvement in expertise.• Strong ability and desire to use technology to solve complex problems.• Understanding of how to communicate effectively and concisely with key stakeholders.• Ability to approach projects both from a strategic and tactical perspective.• Ability to work both independently and as part of a team in a high-paced, multi-task environment with attention to detail.• Strong conceptual, as well as quantitative and qualitative analytical skills.• Team player comfortable working in a dynamic and fast-paced collaborative environment.• Exceptional organizational skills, to include detailed note taking abilities.• Strong attention to detail, possessing problem solving, troubleshooting and analytical reasoning skills.• Frequently communicates with clients and co-workers and share information effectively.• Flexibility and responsiveness working on multiple projects in sometimes high-pressure situations simultaneously.• Ability to travel in and outside of Germany for work, which could involve a few weeks at a time. Engagement duration can range from a week to months. The ability to travel at short notice is important.• Able to support out of hours work (approx. one in eight weeks).• Ability to engage with team and client personnel in demanding, deadline-driven situations.• Excellent communication (both written and verbal), mathematical, and organisational skills.• Flexibility with respect to assigned tasks and engagements due to challenging deadlines, changing deliverables, and evolving task priorities.• Fluent in German and English is a requirement.

Technical Skills (examples are preferred but not all required):

• Detailed understanding of operating systems and network architecture including high level administrative experience working with Windows and/or non-Windows systems (such as Linux, Unix, Mac).• Familiarity with security technology stacks, applications and solutions including but not limited to firewalls, SIEM platforms, endpoint detection & response, Cloud security platforms, logging and monitoring systems, DLP, anti-malware controls, security compliance tools, intrusion detection and response systems.• Knowledge about applied cyber security principles including policies and good practices cryptography, access controls, application and network security.• Understanding of security principles, policies and industry best practices.• Strong work ethic, eagerness to learn, and motivation to succeed.• Functional understanding of Network Architecture, Design, and Security Best Practices.• Fundamental understanding of Computer Forensics principles and practices.• Familiarity with NIST or ISO frameworks and/or risk assessment methodology.• Knowledge of Cybersecurity compliance and frameworks, such as NIST, ISO 27001 etc..• Familiarity assessing and benchmarking security controls in common cloud platforms including Office 365, Google Suite, Azure, AWS or Google Cloud.• Ability to correlate events from multiple sources to create a timeline analysis across end points of an incident; proficient in log analysis of multiple types; ability to analyze network packet captures and understand memory capture and analysis.• Scripting/programming experience beneficial (specifically Python, C#, VBA, or PowerShell).

What we can offer you:

• Vast opportunities for career development, with formal development process, training programs and internal e-learning training platform, Ankura Academy.• Work within a team of world recognized leading experts in an established leading global consultancy.• Work in a collaborative environment, in a flat team structure where our professionals have the freedom to innovate which promotes curiosity, learning and communication.• Ankura currently operates a flexible hybrid model, working approximately two days a week in the office.

Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents.

Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.

Ankura Consulting Group, LLC is an independent global expert services and advisory firm that delivers services and end-to-end solutions to help clients at critical inflection points related to conflict, crisis, performance, risk, strategy, and transformation. The Ankura team consists of more than 1,800 professionals serving 3,000+ clients across 55 countries who are leaders in their respective fields and areas of expertise. Collaborative Lateral Thinking That Deliversᵀᴹ, hard-earned experience, expertise, and multidisciplinary capabilities drive results and Ankura is unrivalled in its ability to assist clients to Protect, Create, and Recover Valueᵀᴹ. For more information, please visit, ankura.com.