IT Investigations Operating Model Lead (Consulting Engagement) Location: London (Hybrid) Engagement Type: ContractInside IR35 Length: 6-12 months We are supporting a large, globally regulated financial institution in establishing a formalised IT Investigations capability aligned to its enterprise Legal Investigations Framework. This engagement will design and stand up a Target Operating Model (TOM) for IT Investigations across EMEA, with integration into US-based SOC operations. The objective is to enable consistent, defensible, and timely IT investigation support across regions and investigation types, including insider risk matters. This is a strategic build role focused on operating model design, governance, and cross-functional integration not day-to-day investigative casework. Key Responsibilities Target Operating Model Design Design and document the IT Investigations Target Operating Model (people, process, technology, governance) Define service catalogue, case types, and regional coverage model Establish engagement patterns between IT, Legal, HR, Compliance, Privacy, and Security Governance & RACI Develop end-to-end RACI across the investigations lifecycle Define decision rights, escalation pathways, and conflict resolution mechanisms Review IAM provisions to ensure appropriate access controls and evidential integrity Triage & Case Management Design intake and triage model (classification, severity scoring, routing rules) Define SLAs and prioritisation framework Clarify routing between IT-led, Legal-led, and SOC-led investigations Evidence & Defensibility Establish evidential handling standards (chain-of-custody, defensibility principles) Define evidence export standards and audit trail requirements Align controls with regulatory expectations in financial services Insider Risk Integration Integrate insider risk detection workflows into investigation intake Define handoffs between insider risk program owners and investigations teams Prevent duplication across security and legal functions Tooling & Roadmap Map current and future-state investigation tooling landscape Align with Legal-procured tools and SOC capabilities Deliver implementation roadmap and transition plan into BAU Metrics & Continuous Improvement Establish KPIs, dashboards, and QA model Define governance forums and reporting structures Develop role-based training and skills framework Required Experience 8 years in Digital Forensics, IT Investigations, or Forensic Technology Experience designing or implementing an Investigations or Forensics Operating Model Strong understanding of evidential handling and defensibility standards Experience within financial services or other highly regulated environments Proven ability to operate across Legal, HR, Compliance, Security, and Technology functions Experience integrating Insider Risk or DLP-led investigations Highly Desirable Big 4 forensic consulting background Experience building investigations governance within global organisations Familiarity with eDiscovery platforms and enterprise case management tooling Experience aligning SOC and investigations functions