DFIR Consultant jobs in United States

Tokio Marine HCC · 1 day ago

DFIR Consultant

Tokio Marine HCC is an incident response firm specializing in Business Email Compromise and Ransomware incidents. As a DFIR Consultant, you will provide technical expertise in digital forensics and incident response, conducting forensic analysis and supporting clients in understanding the impact of cyber incidents.

Commercial, Financial Services, Insurance
Comp. & Benefits
H1B Sponsor Likely

Responsibilities

Collaborate with peers and senior consultants to support investigation and response activities
Communicate technical findings clearly to both technical and non-technical audiences
Maintain positive, professional relationships with insureds and carriers
Contribute to a team culture of innovation, continuous learning, and technical excellence
Execute assigned tasks during all phases of cyber incident response: triage, containment, eradication, recovery, and lessons learned
Perform forensic imaging, log collection, and analysis of affected systems, cloud platforms, and endpoints
Support development and maintenance of incident response documentation and process improvement
Assist in root-cause analysis and identification of attacker TTPs
Conduct digital forensic investigations using tools such as ELK, Axiom, EnCase, FTK, or open-source alternatives
Analyze endpoint and network telemetry (Defender, SentinelOne, CrowdStrike, etc.)
Stay current with emerging threat actor techniques, malware variants, and forensic methodologies
Script or automate forensic tasks (PowerShell, Bash, Python) when applicable

Qualification

Digital Forensics, Incident Response, EDR Tools, Scripting PowerShell, Scripting Python, Cloud Security, Cybersecurity Operations, Forensic Tools EnCase, Forensic Tools FTK, NIST CSF, Analytical Skills, Communication, Organizational Skills, Time Management

Required

4-year / Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field
2 years of professional experience in incident response, digital forensics, or cybersecurity operations
Proven track record supporting investigations in Windows, Linux, or cloud environments
Knowledge of digital forensic artifacts, data preservation, and evidence handling
Experience with EDR tools (Defender, SentinelOne, CrowdStrike) and SIEM technologies
Understanding of frameworks such as NIST CSF, PCI DSS, ISO 27001
Strong analytical, organizational, and time-management skills
Excellent written and verbal communication abilities

Preferred

Advanced certifications such as CISSP, CISM, GCFA, GCFE, GREM, GCIH, CFCE, or CCE are preferred
Certifications in cloud security or forensics (AWS Security, Azure Security Engineer, Microsoft 365 Defender Expert) are advantageous

Company

Tokio Marine HCC

Tokio Marine HCC focuses on what matters most: our people.

H1B Sponsorship

Tokio Marine HCC has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for reference. (Data powered by the US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships: 2022 (1), 2020 (3)

Funding

Current Stage
Late Stage

Leadership Team

Susan Rivera, Chief Executive Officer and Chief Operating Officer
Chris Skarinka, President of the Public Risk Group
Company data provided by crunchbase