- Lead end-to-end incident response engagements, from intake and scoping through evidence collection, analysis, containment, remediation guidance, and closure.
- Perform digital forensics across endpoints, email platforms, networks, websites, and cloud services to reconstruct attacker activity and determine scope and impact.
- Investigate Microsoft 365 and other cloud environments for account compromise, data access, mail flow abuse, and configuration weaknesses.
- Produce clear, defensible forensic reports and executive-ready summaries.
- Facilitate client and counsel calls, including findings briefings, remediation recommendations, and post-incident lessons-learned discussions.
- Contribute to Australia-specific IR processes, playbooks, and active services, and participate in global follow-the-sun coverage model.
Python