Incident Response Senior Consultant jobs in United States
cer-icon
Apply on Employer Site
company-logo

Crowe · 2 days ago

Incident Response Senior Consultant

positionSarasota, FL
timeFull-time
remoteHybrid
seniorityMid, Senior Level
money$85K/yr - $169K/yr
date4+ years exp

Crowe is one of the largest public accounting, consulting and technology firms in the United States. The Incident Response Senior Consultant role is client-facing and focuses on managing complex incident response engagements in cybersecurity, providing expert guidance and support to clients during security incidents.

AccountingAdviceConsultingFinanceFinancial ServicesInformation TechnologyProfessional ServicesTax Consulting
badNo H1Bnote

Responsibilities

Interact directly with clients during Incident Response (IR) engagements, providing expert guidance and support
Coordinate with IR team members and external resources to execute and complete IR engagements effectively
Investigate security incidents, including Business Email Compromise, Ransomware attacks, and Data breaches
Assist with on-site incident response engagements, either as the sole on-site resource or in collaboration with other personnel
Collect and analyze forensic evidence from impacted systems to support investigations
Conduct threat hunting activities using EDR, SIEM, and application logs to identify and remediate threat actor entry and persistence methods
Assist with the secure recovery of client environments, ensuring minimal disruption to business operations
Prepare detailed reports covering the findings of investigations, providing actionable insights and recommendations
Apply incident response knowledge to enhance ongoing cybersecurity practices and strategies

Qualification

Incident ResponseCybersecuritySIEM toolsEDR toolsScriptingNetworking conceptsForensic analysisCommunication skillsProblem-solving skillsDocumentation skillsAdaptability

Required

Commitment to and proven track record of continually expanding skillsets and knowledge
Excellent problem-solving and analytical skills, with a strong attention to detail
Strong communication and interpersonal skills to effectively interact with clients and team members
Proven adaptability and a drive to learn and master new technologies
Ability to maintain focus and composure in high-stress situations
Willingness to travel 15% of the time or more, as required
4+ years of experience in Computer Science, Information Technology, or Cybersecurity, or a combination of a minimum of 2 years of experience with equivalent educational experience (such as a bachelor's or higher degree in a related field, or relevant certifications)
Experience utilizing SIEM or other log aggregation tools such as Splunk, Elastic, FortiSIEM, or Microsoft Sentinel
Experience with EDR tools like SentinelOne, CrowdStrike, Carbon Black, or Microsoft Defender for Endpoint
Strong understanding of networking, IT, and cybersecurity concepts
Proficiency in scripting and command interpreter usage (e.g., Bash, PowerShell, Python)
Strong documentation skills

Preferred

Previous incident response experience
Relevant certifications such as Red Hat Certified Systems Administrator (RHCSA), Linux Foundations Certified Systems Administrator (LFCS), GIAC Certified Incident Handler (GCIH), GIAC Certified Detection Analyst (GCDA), GIAC Public Cloud Security (GPCS), GIAC Cloud Forensics Responder (GCFR), CompTIA Cyber Security Analyst+ (CySA+), CompTIA Advanced Security Practitioner (CASP+), ISC2 Certified Information Systems Security Professional (CISSP), ISC2 Certified Cloud Security Professional (CCSP), EC-Council Certified Incident Handler (ECIH), EC-Council Certified Ethical Hacker (CEH), Cisco Certified Network Professional – Security (CCNP Security), Microsoft Certified Azure Security Engineer Associate (AZ-500), AWS Certified Security – Specialty, or Google Professional Cloud Security Engineer
Experience writing detailed incident reports
Experience with hypervisors (ESXI, Microsoft Hyper-V, etc.)
Active Directory administration and buildout experience
Experience with backup software (VEEAM, Rubrik, Datto, Druva, Commvault, etc.)
Experience investigating cloud-based security incidents (AWS, O365, Google Workspace)
Experience managing and reviewing network hardware configurations (Firewalls, Switches, Routers)
Experience with identity and access management solutions (Okta, Duo, etc.)
Experience with digital forensics collection

Company

Crowe

twittertwittertwitter
Glassdoor4.0
company-logo
Crowe LLP is a public accounting, consulting, and technology firm.
dateFounded in 1942
location
Chicago, Illinois, USA
people-size5001-10000 employees
web-link
https://www.crowe.com/

Funding

Current Stage
Late Stage
Total Funding
unknown
2023-08-29Acquired

Leadership Team

leader-logo
James L. Powers
CEO
linkedin
leader-logo
Joy Mikolajczak Duce
Managing Principal/Partner - Human Capital Consulting
linkedin

Recent News

Pulse 2.0
Crowe Invests In Crowe Advisory Services India To Expand Consulting Capabilities And Grow In India
2026-01-16
PR Newswire
Crowe LLP announces strategic investment with India firm
2026-01-16
Canada NewsWire
Welcoming New Voices to Crowe Soberman's Partnership
2026-01-02
Company data provided by crunchbase