Piper Companies · 16 hours ago

DFIR Consultant

United States

Full-time

Remote

Mid, Senior Level

$120K/yr - $130K/yr

Maximize your interview chances

Staffing & Recruiting

Growth Opportunities

Insider Connection @Piper Companies

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Assist with the scoping of new engagements using a whole lifecycle approach, guiding the client from initial discovery through mitigation and remediation

Conduct forensic host, network, and application technical investigations

Lead tabletop exercises, incident response training, incident response plan organizational maturity reviews, and leaked data exposure assessments

Triage active high-stakes security events, including reviewing and applying security controls to detect, respond, prevent and remediate threats

Develop comprehensive and accurate reports of forensic findings and IR activities for both technical and executive audiences

Effectively communicate investigative findings and strategy to various client stakeholders

Provide clients with immediate actionable 0-day cybersecurity advice to stop and mitigate the damage of ongoing attacks

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Forensic analysisIncident responseEndpoint detection responseMicrosoft 365Linux operating systemsPythonPowerShellKapeVelociraptorCybersecurity threats awarenessRansomware investigationsTechnical certificationsTabletop exercisesEngagement ownershipConsulting experience

Required

Significant experience in a forensic and incident response

Strong awareness of current cyber threats, forensic challenges, and industry best practices.

Experience with Endpoint detection response, Microsoft 365, Linux operating systems, Python, Powersehll, Kape, and Velociraptor

Subject-matter expert who can communicate technical concepts to all levels

Takes ownership of engagements, all the while demonstrating a strong commercial awareness

Demonstrated experience using analytical skills in a cybersecurity environment to triage and detect events transpired and deal with Ransomware forensic investigations

Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats

Experience in a technical role for a consulting company

Preferred

One or more of the following technical certifications preferred: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), MCFE, EnCE or equivalent certifications