Overview

Investigator - Cyber Incident Response

Location Flexible (UK).

Please Note: Due to the nature of client work you will be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point of application.

Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We apply industry expertise, diverse skill sets and next-generation technology to each business challenge.

We believe in inclusion and diversity and supporting the whole person. Our core values comprise Stewardship, Best People, Client Value Creation, One Global Network, Respect for the Individual and Integrity. Accenture is recognized worldwide for both business performance and inclusion and diversity.

Accenture’s Security is a fast-growing area with significant expansion plans. Our global Cyber Investigation and Forensic Response (CIFR) practice delivers around-the-clock incident response services to enterprise customers. The team operates across Europe, providing expertise to multi-national clients and thought leadership within our company.

You will learn, grow and advance in an innovative culture that thrives on shared success and enables boundaryless opportunities that can drive your career in new and exciting ways. This role offers the chance to work with cutting-edge technologies and develop a wide range of new skills.

Responsibilities

• Lead incident response engagements, including coordination of other assigned resources for on-site and remote investigations
• Identify and investigate intrusions to determine the cause and extent of the breach
• Conduct data collection, host and network digital forensics, log analysis, malware analysis and living-off-the-land techniques in support of incident response investigations, including leveraging EDR solutions and threat intelligence
• Lead threat hunting engagements
• Conduct incident response within various Cloud platforms
• Identify attacker Tactics, Techniques and Procedures (TTPs) to develop indicators of compromise
• Develop and implement dynamic remediation plans in conjunction with incident response engagements
• Lead authoring of comprehensively written client reports on investigative findings
• Effectively communicate with customers, both technically and strategically to customer stakeholders and legal counsel throughout the engagement lifecycle
• Support Accenture leadership in properly scoping engagements with innovative methodical approaches, based on customer requirements
• Mentor and train CIFR team members
• Work as part of the global practice to develop and maintain service offerings

As an Investigator you will

• Be highly credible with the ability to engage on a broad C-suite agenda and guide senior leadership in forming strategies for robust security and enterprise resilience
• Possess deep industry expertise to guide client executives in developing suitable strategies in the dynamic theatre of incident response
• Understand client needs in the security marketplace and apply insights to recommend value creation for clients

As part of the Accenture Security CIFR, you will join a specialised team responding to large and complex data breaches and conducting cyber threat hunting in complex environments, using a range of tools and Digital Forensic and Incident Response (DIFR) techniques. You will work in a fast-paced, collaborative environment with a diverse team to provide expert incident response services to Accenture customers.

Qualification

We are looking for experience in the following skills:

• Strong knowledge of incident response, digital forensics and cyber incident investigation processes
• Strong familiarity with common DFIR toolsets
• Strong DFIR knowledge of Microsoft Windows, GNU/Linux and MacOS operating systems
• Experience of Threat Hunting on both the endpoint and ideally network
• Ability to identify attacker TTPs and to develop indicators of compromise
• Know-how to find and eradicate attackers, and improve monitoring and protection capabilities
• Develop and implement dynamic remediation plans for customers with incident response engagements
• Understanding of enterprise environments and how they operate
• Understanding of common malware types and behaviours and infection vectors
• Ability to lead a team of investigators during demanding engagements including client interaction
• Excellent project management and client-facing communication skills

Set yourself apart

• Experience with Cloud environments
• Experience with OT and ICS environments
• Knowledge of scripting and programming languages
• Experience with reverse engineering and sandboxing technologies
• Relevant degree in computing/IT
• Security certifications (e.g., GREM, GCFE, GCFA, CEH, GCIH)
• Minimum 5 years of DFIR experience

What’s in it for you

At Accenture, in addition to a competitive basic salary, you will have an extensive benefits package including 30 days’ vacation per year, private medical insurance, car allowance (paid as cash), bonus scheme, and 3 extra days leave per year for charitable work of your choice.

Flexibility and mobility are required to deliver this role as there may be requirements to spend time onsite with clients and partners to enable delivery of our services.

About Accenture

Accenture is a leading global professional services company with a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We work across more than 40 industries and operate in more than 120 countries with a large network of Advanced Technology and Intelligent Operations centres. Visit us at www.accenture.com

Accenture is an equal opportunities employer and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship status, marital or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law.

Closing Date for Applications: 30/09/2025

Accenture reserves the right to close the role prior to this date should a suitable applicant be found.

Locations

London

Additional Information

Equal Employment Opportunity Statement: All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by law.

Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process. Accenture is committed to providing veteran employment opportunities. Please read Accenture’s Recruiting and Hiring Statement for more information on how we process your data during the Recruiting and Hiring process.

About Accenture: We see well-being holistically and support our people’s physical, mental, and financial health. We provide opportunities to keep skills relevant through certifications and diverse experiences. We are proud to be recognized as a World’s Best Workplace. Join Accenture to work at the heart of change. Visit us at www.accenture.com.