Digital Forensics Incident Response

6 days ago


Toronto, Canada Cypfer Full time

Salary:
About Us:
We have an exciting opening for a **Digital Forensics Incident Response (DFIR) Consultant**. As a Digital Forensics and Incident Response Consultant, you will engage in client-facing incident response projects and offer proactive incident response services. In a collaborative setting with our team and partners, you will assist clients during incidents, enhancing their resilience. Utilizing your technical expertise, you'll analyze intrusions, identify incidents, and guide clients through high-stress responses, ensuring clear communication and providing after-hours support when required.
- You will assist in the response process, covering detection, containment, forensic investigation, and remediation.
- Your tasks include performing forensic analysis, implementing incident response procedures, and analyzing malware. Identifying attack vectors, threat tactics, and attacker techniques is a crucial part of your role.
- You will deliver verbal and written reports to clients, and actively contribute to process development and documentation.
- You will collaborate with other team members and ensure our team's expertise and attention to quality is second to none.
- You will strive to find innovative ways, processes and tools to deliver on objectives faster and at a higher quality while focusing on maximizing revenue generation for the company.
- The team you will be a contributing part of will have the primary responsibility for responding to and recovering from security incidents. As a consultant you will have direct hands-on responsibility in leading engagements and acting as a role model to other team members.
- You will possess an in-depth understanding of technical infrastructure and recovery techniques and have strong experience working in the field.
- You will possess a strong ability to communicate to all levels of stakeholders and provide detailed deliverables which will include reporting and recommendations.
- You will have strong hands-on capabilities with various security tool sets, including those used to assess, hunt and remediate threats.
- Developing strong and rapid working client relationships is a key aspect of the role. Exceptional attention to detail and uncompromising pursuit of quality are the foundation of this role.

TECHNICAL
- Strong experience with Velociraptor, Axiom, X-Ways, FTK, SIFT, Volatility, Splunk, ELK and Timeline analysis.
- Strong knowledge of Windows, Active Directory, MS-SQL, Azure, AWS, Linux/Unix and Mac OS/X.
- Must understand Networking, Routing, Switching, Firewalls, Packet Captures and Netflow.
- Strong background knowledge of penetration testing and threat actor tools and tactics, including Cobalt Strike, IP scanners, Nessus, Nexpose, Kali and Metasploit, is highly preferred.
- Desirable certifications such as MCFE, EnCE, ACE, GCFA, GCFE and CISSP.
- 7+ years of senior technical support, system administration or related customer facing role.
- Perform cybersecurity incident response and restoration engagements including live response, triage, containment and remediation.
- VMware ESX/Hyper-V - Knowledge of design, use and troubleshooting.
- Knowledgeable in the Windows environment, including Windows Server and Workstation, troubleshooting and diagnosing low-level operating system and network issues.
- Confident with a wide range of hardware platforms including NAS, SAN, server and networking devices.
- Passion for solving customer issues and advocating for their success, in a fast paced, highly technical environment.
- Ability to learn new technologies quickly.
- Ability to work independently with little direct supervision and as a part of a team.
- Outstanding analytical and organizational abilities.
- Strong networking background including some of the following skills:

- Network routing protocols - OSPF, BGP, EIGRP, RIP along with other network protocols: DHCP, DNS, VPN, IPv4 and IPv6
- Network switching - Understand L2 and L3 switch design, including VLANs and port security
- Enterprise wireless solutions - Cisco, Aruba, Fortinet
- Firewalls - Cisco ASA, Cisco FTD, Check Point, Fortinet, Palo Alto, Cisco Meraki
- Network traffic capture and analysis

LEADERSHIP
- Directly contribute to revenue targets in delivering engagements
- Responsibility over certain tool selection, evaluation, management and evolution
- Collaborate with management and teams to ensure agility and eliminate unnecessary delays
- Support new services and offerings to the marketplace
- Act as a technical leader and mentor to junior consultants

BUSINESS
- Presence at the local office if needed. Primarily a remote role, with attendance at client engagements as required
- Work independently, remotely and with minimal supervision while delivering high quality outputs
- Display an aptitude and desire for continuous learning at the leading edge of security
- Remain current on information security, technical infrastructure and recovery techniques, emerging threat trends, and tools including method


