Incident Response Senior Consultant jobs in United States

Crowe · 4 months ago

Incident Response Senior Consultant

Crowe LLP is a leading public accounting, consulting, and technology firm in the United States, seeking an Incident Response Senior Consultant. This client-facing role in cybersecurity focuses on managing complex incident response engagements, providing expert guidance, and protecting client systems from security threats.

Accounting, Advice, Consulting, Finance, Financial Services, Information Technology, Professional Services, Tax Consulting
H1B Sponsor Likely

Responsibilities

Interact directly with clients during Incident Response (IR) engagements, providing expert guidance and support
Coordinate with IR team members and external resources to execute and complete IR engagements effectively
Investigate security incidents, including Business Email Compromise, Ransomware attacks, and Data breaches
Assist with on-site incident response engagements, either as the sole on-site resource or in collaboration with other personnel
Collect and analyze forensic evidence from impacted systems to support investigations
Conduct threat hunting activities using EDR, SIEM, and application logs to identify and remediate threat actor entry and persistence methods
Assist with the secure recovery of client environments, ensuring minimal disruption to business operations
Prepare detailed reports covering the findings of investigations, providing actionable insights and recommendations
Apply incident response knowledge to enhance ongoing cybersecurity practices and strategies

Qualification

Incident Response, Cybersecurity, SIEM tools, EDR tools, Forensic analysis, Scripting, Networking concepts, Cloud security, Problem-solving, Communication skills, Attention to detail, Adaptability, Documentation skills

Required

Commitment to and proven track record of continually expanding skillsets and knowledge
Excellent problem-solving and analytical skills, with a strong attention to detail
Strong communication and interpersonal skills to effectively interact with clients and team members
Proven adaptability and a drive to learn and master new technologies
Ability to maintain focus and composure in high-stress situations
Willingness to travel 15% of the time or more, as required
4+ years of experience in Computer Science, Information Technology, or Cybersecurity, or a combination of a minimum of 2 years of experience with equivalent educational experience (such as a bachelor's or higher degree in a related field, or relevant certifications)
Experience utilizing SIEM or other log aggregation tools such as Splunk, Elastic, FortiSIEM, or Microsoft Sentinel
Experience with EDR tools like SentinelOne, CrowdStrike, Carbon Black, or Microsoft Defender for Endpoint
Strong understanding of networking, IT, and cybersecurity concepts
Proficiency in scripting and command interpreter usage (e.g., Bash, PowerShell, Python)
Strong documentation skills

Preferred

Previous incident response experience
Relevant certifications such as Red Hat Certified Systems Administrator (RHCSA), Linux Foundations Certified Systems Administrator (LFCS), GIAC Certified Incident Handler (GCIH), GIAC Certified Detection Analyst (GCDA), GIAC Public Cloud Security (GPCS), GIAC Cloud Forensics Responder (GCFR), CompTIA Cyber Security Analyst+ (CySA+), CompTIA Advanced Security Practitioner (CASP+), ISC2 Certified Information Systems Security Professional (CISSP), ISC2 Certified Cloud Security Professional (CCSP), EC-Council Certified Incident Handler (ECIH), EC-Council Certified Ethical Hacker (CEH), Cisco Certified Network Professional – Security (CCNP Security), Microsoft Certified Azure Security Engineer Associate (AZ-500), AWS Certified Security – Specialty, or Google Professional Cloud Security Engineer
Experience writing detailed incident reports
Experience with hypervisors (ESXi, Microsoft Hyper-V, etc.)
Active Directory administration and buildout experience
Experience with backup software (Veeam, Rubrik, Datto, Druva, Commvault, etc.)
Experience investigating cloud-based security incidents (AWS, O365, Google Workspace)
Experience managing and reviewing network hardware configurations (Firewalls, Switches, Routers)
Experience with identity and access management solutions (Okta, Duo, etc.)
Experience with digital forensics collection

Company

Crowe LLP is a public accounting, consulting, and technology firm.

H1B Sponsorship

Crowe has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (72)
2024 (60)
2023 (48)
2022 (32)
2021 (20)
2020 (18)

Funding

Current Stage: Late Stage
Total Funding: unknown
2023-08-29: Acquired

Leadership Team

James L. Powers, CEO
Joy Mikolajczak Duce, Managing Principal/Partner - Human Capital Consulting
Company data provided by crunchbase