DFIR Consultant

Piper companies is seeking a DFIR consultant to help c ustomers respond to, and investigate cybersecurity breaches. You will need to be prepared to work with both small and large organizations of varying levels of technical maturity handle client cyber incidents and spearhead communication, scoping, as well as utilizing technical chops to analyze intrusions and detect incidents. You must be capable of working in a high stress IR situation and effectively navigate through the IR lifecycle. You will be responsible for leading the technical analysis of an IR investigation as well as communicating effectively and providing off-hours support as needed.

Responsibilities:

• Assist with the scoping of new engagements using a whole lifecycle approach, guiding the client from initial discovery through mitigation and remediation
• Conduct forensic host, network, and application technical investigations
• Lead tabletop exercises, incident response training, incident response plan organizational maturity reviews, and leaked data exposure assessments
• Triage active high-stakes security events, including reviewing and applying security controls to detect, respond, prevent and remediate threats
• Develop comprehensive and accurate reports of forensic findings and IR activities for both technical and executive audiences
• Effectively communicate investigative findings and strategy to various client stakeholders
• Provide clients with immediate actionable 0-day cybersecurity advice to stop and mitigate the damage of ongoing attacks

Knowledge and Skills:

• Significant experience in a forensic and incident response
• Strong awareness of current cyber threats, forensic challenges, and industry best practices.
• Experience with Endpoint detection response, Microsoft 365, Linux operating systems, Python, Powersehll, Kape, and Velociraptor
• Subject-matter expert who can communicate technical concepts to all levels
• Takes ownership of engagements, all the while demonstrating a strong commercial awareness
• One or more of the following technical certifications preferred:
  • GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), MCFE, EnCE or equivalent certifications
• Demonstrated experience using analytical skills in a cybersecurity environment to triage and detect events transpired and deal with Ransomware forensic investigations
• Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats
• Experience in a technical role for a consulting company

Comprehensive Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave if required by law, and Holidays

• $120,000 - $130,000 (10% annual bonus)