Skip Navigation


OR Match jobs with LinkedIn

Any information we receive from LinkedIn is determined by LinkedIn and your privacy settings thereon. Duff & Phelps is not responsible for the privacy practices of any non-D&P operated websites. We will process any data we receive in accordance with our privacy policy.


Vice President I, Cyber Risk

Job ID 19000945 Hong Kong, Hong Kong SAR

Duff & Phelps is the global advisor that protects, restores and maximizes value for clients in the areas of valuation, corporate finance, investigations, disputes, cyber security, compliance and regulatory matters, and other governance-related issues. We work with clients across diverse sectors, mitigating risk to assets, operations and people. With Kroll, a division of Duff & Phelps since 2018, our firm has nearly 3,500 professionals in 28 countries around the world.


Kroll is the leading global provider of risk solutions. For more than 45 years, Kroll has helped clients make confident risk management decisions about people, assets, operations and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security and data and information management services. Kroll is a division of Duff & Phelps, a global advisor with nearly 3,500 professionals in 28 countries around the world. Our clients include publicly traded and privately held companies, law firms, government entities and investment organizations such as private equity firms and hedge funds. We also advise the world’s leading standard-setting bodies on valuation and governance best practices.


This position is an excellent opportunity for a self-motivated individual to join a fast-growing team of global experts. The successful candidate will have the opportunity to attend leading training as well as further their career through exposure to a diverse caseload alongside some of the best talent in the industry.


As a Forensic Consultant, frequent travel may be required to various locations in Asia and to be involved in a range of investigations which include employee investigations, hacking, fraud, data recovery, theft of sensitive company information, industrial and commercial espionage.


Due to the inherent volatility of investigative response work, you will be expected to discharge various responsibilities assigned, while successfully managing a variable caseload. You will be responsible for integrity in analysis, quality in client deliverables, as well as gathering caseload intelligence. 


  • Use leading-edge technology and industry standard forensic tools and procedures to provide insight into the cause and effect of suspected Cyber intrusions.

  • Follow proper evidence handling procedures and chain of custody protocols.

  • Determine programs that have been executed, including finding files that have been changed on disk and in memory. Use timestamps, host and network logs, photographs, and the collection of hash information to develop authoritative timelines of activity.

  • Find evidence of deleted files and hidden data. Identify and document case relevant file-system artifacts, including browser histories, account usage, and USB histories.

  • Assist with preliminary analysis by tracing an activity to its source and produce documents findings for input and into a forensic report.

  • Analyze and assess risk to client’s information technology systems and enterprise environment.

  • Take ownership of projects and deliverables.

  • Participate in technical reviews including; the evaluation of Windows and Linux systems, database configurations, application auditing, network device

  • Conduct research and analysis through the use of in-hours as well as external resources

  • Produce accurate, high quality client reports



  • Self-motivated and able to demonstrate a passion for this type of work. This will include evidence of research, knowledge of a diverse array of tool-sets, community participation and self-learning beyond commercial training 
  • Bachelor’s Degree in a technical discipline preferred

  • Minimum of 5 years’ experience with digital forensics with a focus on external threat incident response and network forensics

  • Forensics related certifications such as GNFA, GCFA, GCFE, GCIH, CFCE, EnCE

  • Experience with acquiring or collecting computer artifacts, including malware, user activity, and link files from various systems

  • Experience with assessing evidentiary value by triaging electronic devices, correlating forensic findings with network events to further develop an intrusion narrative

  • Experience with collecting and documenting system state information, including running processes and network connections prior to imaging

  • Experience with performing incident triage from a forensic perspective, including determining of scope, urgency, and potential impact

  • Experience with tracking and documenting forensic analysis from initial involvement through final resolution

  • Must be able to assist clients in responding rapidly and effectively to computer-related incidents and should consistently exceed expectations while working in a client-facing environment

  • Have the capability to quickly identify the source of a security breach and move toward containment is essential

  • Have proficiency in conducting live analysis on networks and across multiple platforms is desired. Must possess the ability to articulate well in both written and oral communications

  • Must also be able to manage multiple projects on a daily basis

  • Willingness to travel up to 75%

  • Candidates with less experience will be considered as Senior Associate


In order to be considered for a position at Duff & Phelps, you must formally apply via 


Duff & Phelps is committed to equal opportunity and diversity, and recruits people based on merit.

Kroll is an Equal Opportunity Employer (Minorities/Females/Veterans/Disabilities). If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact our recruiting team at or +1 (212) 833-3293 for assistance.

Kroll will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including fair chance laws. You can find more information about your city’s fair chance laws here: Los Angeles, San Francisco, and Philadelphia.

Similiar Jobs


  • What We Do

    From investigations to compliance to cyber security, we provide services for organizations at every stage of their challenges.

  • Forward Thinking

    How do we give our clients peace of mind? At Duff & Phelps, our disciplined thought process helps us dig deep to challenge assumptions.

  • Intelligence Center

    Visit our intelligence center to read our latest Kroll insights.

  • Network of Women

    Since 2012, Duff & Phelps' Network of Women (NOW) attracts, develops and retains women at all levels of the firm.

By entering your city, state and zip we can better target communications to your location.