Incident Response Consultant (DFIR)

United States - Remote

modePUSH

modePUSH is a cybersecurity company focused on end-to-end breach response from Digital Forensics to Restoration across the enterprise and cloud environments. Our novel unified approach combines decades of deep expertise in cyber threat response...

View all jobs at modePUSH

Apply now Apply later

Who We Are

If you feel like Incident Response and Recovery hasn’t changed in the past 10 years, you’re not alone. Business operations aren’t just on endpoints anymore. It’s behind applications in Okta tiles, auto-scaling workloads, code repos, and sprawling data stores across one or many public clouds. At modePUSH, we’re focused on eradicating adversaries across our client’s entire digital footprint, and that demands a faster, nimbler approach to DFIR.

We’re looking to expand our IR Consulting Team with individuals driven to protect clients, eliminate threat actors, and build the next era of digital forensics and incident response for the modern enterprise.

Who You Are

You know that $I30 isn’t referring to your local interstate, and that the easiest way to get on your bad side is to be handed a timestamp that isn’t in UTC. You’ve got a “Tools” folder sitting on your workstation somewhere with your favorite forensic scripts at the ready to tear into the next piece of suspicious activity you see. And speaking of suspicious activity, you’ve honed a keen sense for knowing the difference between legitimate users and threat actor activity because you’ve seen them in action.
Hundreds of times.

Windows environment investigations feel like the back of your hand at this point, and you’ve been starting to expand your knowledge on cloud-native forensics. Account takeovers are the new malware after all, and investigating the latest threats across Azure, GCP, AWS, and SaaS Apps is the growing frontier you’ve been looking to sink your teeth into.

Client conversations don’t scare you. You understand what it looks like to support a client team that’s going through their worst professional days with confidence and empathy.

You’re insatiably curious, addicted to threat intel, and a builder at heart. Ultimately, you’re looking for the right opportunity that uses your technical chops to find and eliminate meaningful adversaries while putting your stamp on a better approach to traditional DFIR consulting.

Why You Matter

You’ll be joining a seasoned team of high performing incident response consultants that are the tip of the spear for all forensic activity at modePUSH. From ransomware to nation-state threats, you’ll be supporting and leading meaningful cases across traditional enterprise and cloud-native environments. We’re a startup in the truest sense, and your voice has significant weight in shaping our technology stack, investigative methodology, and service offerings as we continue to scale.

What You'll Bring

  • Experience responding to threat activity as an IR consultant or SOC analyst
  • Strong understanding of Windows/Mac/Linux fundamentals, forensic artifacts, and network analysis
  • Existing knowledge or passion to learn cloud-native investigations across AWS, GCP, and Azure
  • An unwavering emphasis on investigation at the highest level of quality
  • Perspective and voice to continue to shape our practice
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  7  1  0

Tags: AWS Azure Cloud DFIR Forensics GCP Incident response Linux Malware Okta SaaS SOC Windows

Regions: Remote/Anywhere North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.