Tokio Marine HCC · 1 day ago
Principal Consultant, DFIR
Tokio Marine HCC is an incident response firm supporting TMHCC Cyber and Professional Lines Group. As a Principal Consultant at Vector3, you will provide critical technical expertise in digital forensics and incident response, conducting forensic analysis and supporting clients in understanding and recovering from cyber incidents.
Commercial · Financial Services · Insurance
Responsibilities
Support the recruitment and development of a high-performing DFIR team, including technical specialists in areas like malware analysis, digital evidence collection, extortion negotiations, and recovery
Develop and maintain operating procedures and best practices for the DFIR team
Build and maintain insured/carrier relationships
Provide mentorship to a team that will grow with time and experience
Foster a culture of innovation, continuous learning, and skill development within the DFIR team
Act as the 'Incident Commander' for insureds or their representatives during cyber incidents, providing clear communication, recovery direction, and/or updates on investigation progress
Conduct scoping calls with clients to understand the disruption, develop a roadmap to resolve the cyber security event, and provide initial triage to contain the threat
Understand insured needs and tailor strategies to address specific business risks and compliance requirements
Communicate complex cybersecurity concepts internally and externally
Build strong insured relationships and maintain trust through effective communication and timely delivery of investigation results
Lead incident response activities during cyber security breaches, including initial triage, threat assessment, containment, eradication, and recovery phases
Lead case teams, assign tasks, delegate responsibilities, and oversee quality control on all analysis and work products
Develop and maintain comprehensive incident response plans aligned with industry best practices
Conduct post-incident analysis to identify root causes and implement preventive measures to mitigate future risks
Stay informed about emerging cyber threats and technologies, including Tactics, Techniques, and Procedures and Indicators of Compromise associated with specific cybercrime syndicates
Understand and be aware of changes in technology as it relates to forensic data for review, or forensic techniques available to provide the best combination of speed and accuracy in forensic findings
Provide expert technical guidance on digital forensics methodologies, evidence collection, analysis, and reporting
Conduct complex digital forensic investigations, including analysis of system logs, network traffic, and endpoint data
Identify new business opportunities and contribute to strategies to expand the DFIR service offerings
Contribute to the overall cybersecurity strategy, including pricing models, service packages, and marketing initiatives
Collaborate with other security teams within the TMHCC-CPLG to provide holistic cybersecurity solutions to clients
Qualification
Required
Minimum 4-year / bachelor's degree in Cyber Security, Computer Science, or an Information Technology related field, or relevant professional work experience
5 years of prior professional experience leading and managing a DFIR team and managing active cybersecurity engagements, including incident response, digital forensics investigations, and working with insureds / clients and legal counsel
2 years in prior people management or team leadership roles
Proven track record of success in leading/building DFIR teams and managing complex cyber incidents
Experience in conducting security investigations in Linux and Windows environments
Understanding of cloud platforms and security considerations within AWS (Amazon Web Services), Azure, Microsoft 365, and GCP (Google Cloud Platform)
Knowledge of digital forensic artifacts and tools such as ELK, Axiom, Encase, X-Ways, SIFT, FTK (Forensic Tool Kit), Volatility, or Open-Source tools
Experience in Digital Forensics, Network Forensics, Memory Forensics, and/or Malware Analysis
Scripting skills (PowerShell, Bash, Python, Go)
Experience with EDR solutions (Defender, SentinelOne, CrowdStrike)
Strong understanding of legal and regulatory frameworks related to cyber security investigations such as PCI, NIST CSF, or other industry-specific regulations
Excellent communication and presentation skills to clearly and concisely communicate complex technical findings to clients and stakeholders
Strong leadership abilities to motivate and mentor team members
Superior organizational and analytical skills; demonstrated ability to manage multiple tasks simultaneously
Knowledge of industry changes, legal updates, and technical developments related to the applicable area of the Company's business, in order to respond proactively to a changing business environment
Advanced proficiency and experience using Microsoft Office package (Excel, Access, PowerPoint, Word)
Preferred
Advanced degrees or certifications (CISSP, CISM, GCFE, GCFA, GREM, GBFA, GCIH, CFCE, CCE) are a plus
Company
Tokio Marine HCC
Tokio Marine HCC focuses on what matters most; our people.
H1B Sponsorship
Tokio Marine HCC has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships: 2022 (1), 2020 (3)
Funding
Current Stage: Late Stage
Company data provided by crunchbase