Personal improvement and growth are taken seriously here. The flexibility to work on both proactive and reactive cyber security engagements has greatly expanded my exposure and abilities in serving our clients.
Associate Managing Director, DFIR, Cyber RiskHong Kong, Hong Kong SAR
What makes a successful Cyber Security employee at Kroll? Check out the traits we’re looking for and see if you have the right mix.
- Relationship expertise
- Technologically inquisitive
Kroll offers many career paths to support your immediate and future success.
Intern leads to Associate, Cyber Risk
Associate, Cyber Risk leads to Senior Associate, Cyber Risk
Senior Associate, Cyber Risk leads to Vice President, Cyber Risk
Vice President, Cyber Risk leads to Senior Vice President, Cyber Risk
Senior Vice President, Cyber Risk leads to Associate Managing Director, Cyber Risk
Associate Managing Director, Cyber Risk ends this path
At Kroll Cyber Risk, I find the collaboration and real sense of teamwork very inspiring. Personal egos are not encouraged! Communication with senior management is also straightforward and responsive. An excellent working environment.
Bill AndersonVice President, APAC Cyber Risk, Singapore
Opportunities for new cyber challenges, knowledge, and career growth are plentiful here. Not only is your success supported through regular professional training, the entire global team also contributes to information sharing via collaboration tools and weekly group presentations. We truly work as a global team and no one ever hesitates to step up and help.
David KloppAMD, Cyber Risk, Singapore
At Kroll you have the opportunity to learn different aspects of cyber security allowing you to develop a set of skills beneficial to your career growth and development. Kroll invests in cyber security and each employee can receive sponsorship for cyber training. In addition, they encourage a work life balance allowing you to do different things for yourself and the team.
Rick LiSenior Associate, Cyber Risk, Hong Kong
The Kroll Cyber team has a great culture. Everyone is down to earth and willing to help each other out. There are no big egos to contend with, which makes for a vibrant and collaborative working environment.
One of the significant differences between Kroll Cyber and other places I have worked is how easy it is to work across international teams. There are no bureaucratic processes; all it takes is a quick conversation to organise logistics.
Mark FarleySenior Vice President, EMEA Cyber Risk, London
Working for the group is awesome, from the amazing culture to a diverse range of projects undertaken. The benefits of being in a global team and collaborative knowledge sharing is unparalleled compared to competitors. Everyday can be different, however it typically consists of helping clients improve their cyber security, constant learning and problem solving.
Hassan MahmudAssociate, EMEA Cyber Risk, London
One of the things I appreciate most from being at this company is the feeling of support. Whether that be helping to develop my work product, ensuring I receive sufficient training, or affording me flexibility when life demands it, I always have the sense that Kroll has my back, and that is a valuable thing indeed.
Ben HawkinsSenior Managing Consultant, EMEA Cyber Risk, London
Ongoing training and development opportunities at all levels of the firm through programs such as Kroll, The Promote Program and Network of Women.
As a global firm, our benefits vary by country.
Be part of a flexible and diverse team that encourages and supports your personal and professional growth.
Associate Managing Director, DFIR, Cyber RiskJob ID 21008067 Hong Kong, Hong Kong SAR Apply now
Associate Managing Director, DFIR, Cyber Risk – Hong Kong
In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business. We value the diverse backgrounds and perspectives that enable us to think globally. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.
Our Cyber Security & Investigations Practice provides solutions that help clients comply with the myriad of IT Risk Prevention/Assessments and Cyber/Data Breach Response and Investigation.
At Kroll, your work will help deliver clarity to our clients’ most complex governance, risk and transparency challenges. Apply now to join One team, One Kroll.
Summary of Position
This position is an excellent opportunity for a self-motivated individual to join a fast-growing team of global experts. The successful candidate will have the opportunity to attend leading training as well as further their career through exposure to a diverse caseload alongside some of the best talent in the industry.
As an Associate Managing Director, frequent travel may be required to various locations in Asia and to be involved in a range of investigations which include employee investigations, hacking, fraud, data recovery, theft of sensitive company information, industrial and commercial espionage.
Due to the inherent volatility of investigative response work, you will be expected to discharge various responsibilities assigned, while successfully managing a variable caseload. You will be responsible for integrity in analysis, quality in client deliverables, as well as gathering caseload intelligence.
Other responsibilities include:
- Use leading-edge technology and industry standard forensic tools and procedures to provide insight into the cause and effect of suspected Cyber intrusions
- Follow proper evidence handling procedures and chain of custody protocols
- Determine programs that have been executed, including finding files that have been changed on disk and in memory. Use timestamps, host and network logs, photographs, and the collection of hash information to develop authoritative timelines of activity
- Find evidence of deleted files and hidden data. Identify and document case relevant file-system artifacts, including browser histories, account usage, and USB histories
- Assist with preliminary analysis by tracing an activity to its source and produce documents findings for input and into a forensic report
- Analyze and assess risk to client’s information technology systems and enterprise environment
- Take ownership of projects and deliverables
- Individually lead client engagements throughout the delivery cycle
- Participate in technical reviews including; the evaluation of Windows and Linux systems, database configurations, application auditing, network device
- Conduct research and analysis through the use of in-hours as well as external resources
- Produce accurate, high quality client reports
- Self-motivated and able to demonstrate a passion for this type of work. This will include evidence of research, knowledge of a diverse array of tool-sets, community participation and self-learning beyond commercial training
- Bachelor’s Degree in a technical discipline preferred
- Minimum of 10 years’ experience with digital forensics with a focus on external threat incident response and network forensics
- Forensics related certifications such as GNFA, GCFA, GCFE, GCIH, CFCE, EnCE, X-PERT
- Experience with acquiring or collecting computer artifacts, including malware, user activity, and link files from various systems
- Experience with assessing evidentiary value by triaging electronic devices, correlating forensic findings with network events to further develop an intrusion narrative
- Experience with collecting and documenting system state information, including running processes and network connections prior to imaging
- Experience with performing incident triage from a forensic perspective, including determining of scope, urgency, and potential impact
- Experience with tracking and documenting forensic analysis from initial involvement through final resolution
- Must be able to assist clients in responding rapidly and effectively to computer-related incidents and should consistently exceed expectations while working in a client-facing environment
- Have the capability to quickly identify the source of a security breach and move toward containment is essential
- Have proficiency in conducting live analysis on networks and across multiple platforms is desired. Must possess the ability to articulate well in both written and oral communications
- Must also be able to manage multiple projects on a daily basis
- Willingness to travel up to 75%
In order to be considered for a position at Kroll, you must formally apply via careers.kroll.jobs
Kroll is committed to equal opportunity and diversity, and recruits people based on merit.