Senior Consultant, Digital Forensics & Incident Response - Cybersecurity

Putting people first, every day

BDO is a firm built on a foundation of positive relationships with our people and our clients. Each day, our professionals provide exceptional service, helping clients with advice and insight they can trust. In turn, we offer an award-winning environment that fosters a with a high priority on your personal and professional growth.

Your Opportunity

BDO is seeking an experienced Digital Forensics & Incident Response professional to join our growing Cyber Security team. The successful candidate will bring deep investigative and forensic skills to defend our clients from sophisticated cyber-adversaries. If you’re passionate about forensic analysis, incident response, threat intelligence, and building next-generation capabilities, this is the opportunity for you. We support career growth, collaboration, and innovation across our team.

This is a new role in our team. As a Senior Consultant, in Digital Forensics & Incident Response on BDO’s Cyber Threat Management & Response team, your responsibilities will include :

Leading complex incident investigations and forensic engagements : endpoint, network, cloud-native environments, memory, disk, and log analysis.

Performing digital forensic examinations across multiple operating systems and devices using industry-standard tools (e.g., EDR / EDR-forensics, EnCase, Rekall, Wireshark, etc.).

Collecting, analyzing, and maintaining critical data sources including system logs, network traffic captures, EDR telemetry, threat intelligence feeds in order to support investigations and remediation.

Interpreting forensic artifacts, identify Indicators of Compromise (IoCs) and adversary Techniques, Tactics & Procedures (TTPs), and producing actionable intelligence.

Producing clear, professional incident investigation and forensic reports; translating technical findings into business-relevant recommendations for clients or internal stakeholders.

Contributing to and refine incident response, forensic and threat-hunting playbooks, processes and toolsets.

Collaborating with SOC, threat-hunting, engineering, and client teams; providing mentorship and training to more junior analysts.

Staying current with emerging threats, forensic methodologies, cloud / enterprise forensics, and the evolving DFIR toolset; driving innovation and continuous improvement across the team.

How we define success for your role :

You demonstrate BDO’s core values : Integrity, Respect and Collaboration in all aspects of your work.

Clients describe you as positive, professional, delivering high-quality investigations and forensic insights.

You show proven success in incident response / forensics engagements and effectively partner with internal / external stakeholders.

You focus on delivering effective service and clear outcomes, not just technical analysis, but actionable remediation.

You foster an inclusive and engaging work environment; you actively contribute to talent development, best practice sharing and innovation.

You proactively adopt digital tools and strategies that elevate forensic, detection and response capabilities.

You continuously grow your expertise and participate in professional development.

Your experience and education

Undergraduate degree or diploma in Computer Science, Cyber Security, Forensics or related discipline.

Minimum 3-5 years (or more, depending on seniority) experience in digital forensics, incident response or similar roles.

Demonstrated experience with EDR / XDR, SIEM, network / endpoint forensics, malware triage, memory / disk analysis.

Familiarity with forensic tools, methodologies, chain-of-custody, evidence handling.

Solid understanding of adversary TTPs, log analysis, threat intelligence, and frameworks such as MITRE ATT&CK.

Strong verbal and written communication skills—able to translate technical investigation into business / client-relevant findings.

Strong analytical mindset; critical thinker comfortable operating under incident response deadlines.

Prior consulting or client-facing forensic / IR experience.

Experience in cloud / virtual environments (Azure, AWS, GCP), and forensics in hybrid / cloud contexts.

Experience coding or scripting (e.g., Python), or query languages (KQL, SQL) for forensic data analysis.

Experience mentoring others or leading smaller forensic / IR teams.

Certification(s) Preferred :

One or more of the following :

GIAC Certified Incident Handler (GCIH)

GIAC Certified Forensic Examiner (GCFE)

GIAC Certified Forensic Analyst (GCFA

GIAC Network Forensic Analyst (GNFA)

GIAC Reverse Engineering Malware (GREM)

CrowdStrike Certified Falcon Responder (CCFR), or similar.

Certification(s) Preferred (Secondary) :

Certified Information Systems Security Professional (CISSP),

Certified Cloud Security Professional (CCSP)

Certified Information Systems Auditor (CISA)

Certified Information Security Manager (CISM)

Cloud platform security certifications (Azure, AWS, etc.).

The expected range of compensation for this role is $84,000 - $128,000 annually.