Apply now »

Digital Forensics Incident Responder Senior Consultant

Date:  18 Jun 2024
Service Line / Portfolios:  Cyber & Strategic Risk

Kuala Lumpur, MY

What impact will you make?

At Deloitte, we offer a unique and exceptional career experience to inspire and empower talents like you to make an impact that matters for our clients, people and community. Whatever your aspirations, Deloitte offers you a highly inclusive, collaborative workplace and unrivalled opportunities to realize your full potential. We are always looking for people with the relentless energy to push themselves further, and to find new avenues and unique ways to reach our shared goals.

So what are you waiting for? Join the winning team now.

Work you’ll do


  • Lead and/or support in-depth triage and investigations of urgent cyber incidents in cloud, traditional, and hybrid environments.
  • Perform incident response functions including but not limited to host-based analytical functions (e.g. digital forensics, metadata, malware analysis, etc.) through investigating Windows, Unix based, appliances, and Mac OS X systems to uncover Indicators of Compromise (IOCs) and/or Tactics, Techniques and Procedures (TTPs).
  • Create and track metrics based on the MITRE ATT&CK Framework and other standard security-focused models.
  • Work with application and infrastructure stakeholders to identify key components and information sources such as environments (on-premises versus cloud), servers, workstations, middleware, applications, databases, logs, etc.
  • Participate in incident response efforts using forensic and other custom tools to identify any sources of compromise and/or malicious activities taking place.
  • Collaborate with global multidisciplinary groups for triaging and defining the scope of large-scale incidents.
  • Document and present investigative findings for high profile events and other incidents of interest.
  • Participate in readiness exercises such as purple team, tabletop exercises, etc.
  • Train junior colleagues on relevant best practices.
  • Provide leadership and support for all IR operations.
  • Design, develop, execute, and analyse cybersecurity exercise scenarios that test an incident response team proficiency in each phase of an enterprise incident response plan that includes preparation, detection and analysis, containment, eradication, recovery, and post incident activities. 
  • Develop key takeaways and lessons learned from exercises to improve client’s IR processes.

Your role as a leader

At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves everyday to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. In addition to living our purpose, Senior Associates / Senior Consultants / Assistant Manager across our Firm are expected to:


  • Understand objectives for stakeholders, clients and Deloitte whilst aligning own performance to objectives and sets personal priorities.
  • Develop themselves by actively seeking opportunities for growth, shares knowledge and experiences with others, and acts as a strong brand ambassador.
  • Seek opportunities to challenge themselves, collaborate with others to deliver and takes accountability for results.
  • Build relationships and communicates effectively in order to positively influence peers and stakeholders.
  • Work effectively in diverse teams within a highly inclusive team culture where everyone is supported, respected and recognized for their contribution.



  • Bachelor’s degree in the relevant field and approximately 5 years or more of related work experience.
  • Posses GIAC  (e.g. GCFE, GCFA, GREM, GCIH, GASF, GNFA, etc.), CREST or other digital forensic and/or incident response certifications.
  • 3-6 years of working experience in cybersecurity/information security or demonstrated equivalent capability.
  • 1-4 years hands-on working in cyber incident response and investigations in medium to large organizations with cloud and forensics components.
  • Experience with response and analysis tools such as EnCase Forensic, EnCase Enterprise, AccessData FTK, Volatility, SANS SIFT, Carbon Black, Internet Evidence Finder, Magnet Axiom, Splunk, ElasticSearch or CrowdStrike.
  • Experience with programming languages such as Python, JavaScript, PHP, SQL etc.
  • Experience with malware analysis and understanding attack techniques.
  • Experience interpreting, searching, and manipulating data within enterprise logging solutions.
  • Familiar with threat intelligence and applications within incident response investigations.
  • Hands-on Dev/Sec/Ops experience with cloud environments and underlying storage, compute and monitoring services.
  • Prior experience with cloud common services.
  • Hands-on experience with forensic investigations or large-scale incident response in cloud environments.
  • Hands-on experience with containerization methods and tools (e.g. Docker, Kubernetes) including incident response and digital forensics.
  • Prior experience in cybersecurity strategic planning and IT security policy development/implementation.


Due to volume of applications, we regret only shortlisted candidates will be notified. Candidates will only be contacted by authorized Deloitte Recruiters via firm’s business contact number or business email address.

Requisition ID:  99732

In Malaysia, the services are provided by Deloitte and other related entities in Malaysia ("Deloitte in Malaysia"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Malaysia, which is within the Deloitte Network, is the entity that is providing this Website.

Apply now »