Full-Time Principal DFIR Consultant

Your Career

This role is client-facing and requires the Principal Consultant to lead and produce deliverables based on reactive services client engagements. The Principal Consultant will work directly with multiple customers and key stakeholders (Admins, C-Suite, etc) to manage incident response engagements and provide guidance on longer term remediation.

Your Impact

• Perform reactive incident response functions including but not limited to - host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
• Examine firewall, web, database, and other log sources to identify evidence of malicious activity
• Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom Crypsis investigation tools to determine source of compromises and malicious activity that occurred in client environments
• Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations
• Ability to perform travel requirements as needed to meet business demands (on average 20%)
• Mentorship of team members in incident response and forensics best practices

Your Experience

• 6+ years of incident response or digital forensics consulting experience with a passion for cyber security
• Strong leadership skills including experience managing a team or individuals
• Experience with leading complicated engagements including scoping, interfacing with the client, and have executed on a technical front 
• Proficient with host-based forensics and data breach response
• Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools
• Incident response consulting experience required
• Identified ability to grow into a valuable contributor to the practice and, specifically
  • have an external presence via public speaking, conferences, and/or publications
  • have credibility, executive presence, and gravitas
  • be able to have a meaningful and rapid delivery contribution
  • have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
  • be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
• Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field or equivalent military experience required