Job Description
IT Investigations Operating Model Lead (Consulting Engagement)Location: London (Hybrid)Engagement Type: ContractInside IR35Length:6-12 monthsWe are supporting a large, globally regulated financial institution in establishing a formalised IT Investigations capability aligned to its enterprise Legal Investigations Framework. This engagement will design and stand up a Target Operating Model (TOM) for IT Investigations across EMEA, with integration into US-based SOC operations. The objective is to enable consistent, defensible, and timely IT investigation support across regions and investigation types, including insider risk matters. This is a strategic build role focused on operating model design, governance, and cross-functional integration not day-to-day investigative casework. Key Responsibilities Target Operating Model Design
* Design and document the IT Investigations Target Operating Model (people, process, technology, governance)
* Define service catalogue, case types, and regional coverage model
* Establish engagement patterns between IT, Legal, HR, Compliance, Privacy, and Security
Governance & RACI
* Develop end-to-end RACI across the investigations lifecycle
* Define decision rights, escalation pathways, and conflict resolution mechanisms
* Review IAM provisions to ensure appropriate access controls and evidential integrity
Triage & Case Management
* Design intake and triage model (classification, severity scoring, routing rules)
* Define SLAs and prioritisation framework
* Clarify routing between IT-led, Legal-led, and SOC-led investigations
Evidence & Defensibility
* Establish evidential handling standards (chain-of-custody, defensibility principles)
* Define evidence export standards and audit trail requirements
* Align controls with regulatory expectations in financial services
Insider Risk Integration
* Integrate insider risk detection workflows into investigation intake
* Define handoffs between insider risk program owners and investigations teams
* Prevent duplication across security and legal functions
Tooling & Roadmap
* Map current and future-state investigation tooling landscape
* Align with Legal-procured tools and SOC capabilities
* Deliver implementation roadmap and transition plan into BAU
Metrics & Continuous Improvement
* Establish KPIs, dashboards, and QA model
* Define governance forums and reporting structures
* Develop role-based training and skills framework
Required Experience
* 8+ years in Digital Forensics, IT Investigations, or Forensic Technology
* Experience designing or implementing an Investigations or Forensics Operating Model
* Strong understanding of evidential handling and defensibility standards
* Experience within financial services or other highly regulated environments
* Proven ability to operate across Legal, HR, Compliance, Security, and Technology functions
* Experience integrating Insider Risk or DLP-led investigations
Highly Desirable
* Big 4 forensic consulting background
* Experience building investigations governance within global organisations
* Familiarity with eDiscovery platforms and enterprise case management tooling
* Experience aligning SOC and investigations functions
JBRP1_UKTJ