Cyber Incident Response Specialist

Your function as CIR specialist

As a CIR specialist you are helping clients respond to cyber incidents and getting back to business. You work in cases where prompt and specialized expertise is required, for example data breaches and malware analysis.

You are the point of contact for our clients during an assignment. You assist the client during intake, delivery and reporting phases. You are able to advise the client in both technical as well as tactical decisions in dealing with incidents. You have deep understanding of the technologies that attackers use to enter and move laterally through computer networks.

You are a team player but are also able to work independently and can cope with big responsibilities. You may be required to work flexible hours to assist our clients during high-impact incidents. You will also be part of the Deloitte threat intelligence community which will help you to supply the client with valuable real-time information.

Increasingly, our clients ask us to help them build their own incident response capabilities and/or train their existing team. We often do this by teaming up our CIR specialists with the Deloitte Red Team to perform so-called “purple teaming” engagements where we have the red and blue teams learn from each other in a high-paced iterative approach.

We expect candidates to have a solid background in networking, network protocols, programming, penetration testing, digital forensics, and incident response. Upon joining, you will be given the opportunity to join the Deloitte Malware Analysis Hacklab in which you will learn and get hands-on experience with malware analysis, reverse-engineering and standard operating procedures in the field.


  • A Computer Science degree (or similar) and a drive to keep developing themselves;
  • Certifications in the security field, e.g. SANS, are a plus;
  • The ideal candidate has a proven track record in Cyber Incident Response and digital forensics;
  • Strong communication skills and professional proficiency in English;
  • Flexible availability / working hours;
  • Team player with professional attitude that is able to work independently;
  • You value high quality work;
  • You are able to work discretely with sensitive information of clients.


The Incident Response Team within Deloitte consists of a small team of core specialists that is extended with professionals from other teams (such as hacking or Red Teaming) during peak times.

We work closely together with other teams within Deloitte such as the monitoring team, hacking team and red team. We share knowledge and we held yearly trainings together.

Your career path at Deloitte

With offices throughout the Netherlands and well over 5,500 employees, Deloitte is a leading firm in Audit, Tax, Consulting, Risk Advisory and Financial Advisory. Our auditors are market leaders in several market segments. It means you will be working with ambitious, highly educated colleagues, often in multidisciplinary and international teams. Our business culture is pleasant, open and leaves much room for innovation and starting your own initiatives. Our employment benefits suit your ambition and needs and include an excellent leased car scheme, a laptop, a topnotch smartphone, and an excellent pension scheme. Top talent rises fast in our organization. Of course we will help you where we can, with a balanced training program, a customized competence model and continuous feedback.


Meer weten? Vraag het aan Lonneke.

Lonneke Machielsen, Experienced Recruiter Risk Advisory

Onze collega's

Profielfoto van Inge Philips-Bryan

Inge Philips-Bryan

Partner Risk Advisory

"Aanjagen hoeft niet: de nieuwe ideeën vliegen me hier om de oren."

Alle verse vacatures in je mailbox?

Meld je aan voor Deloitte job alert
Naar boven