Senior Security Consultant, Digital Forensics & Incident Response
United States
About eSentire
eSentire is on a mission to hunt, investigate and stop cyber threats before they become business disrupting events. We were founded on the premise that if you can’t find a solution, you build it. Entrepreneurship and innovation are in our DNA. Our culture is based on transparency, teamwork, and continuous innovation.
As the authority in Managed Detection and Response, we protect the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats.
The Role
The Senior Security Consultant serves as a tactical arm of eSentire’s Incident Response team. Main function of this role is to drive deep expertise and experience in incident response, and digital forensics engagements. As a top tier operator, the position handles the most volatile and complex casework, while ensuring optimum quality of service and responsiveness. Casework spans from financially motivated data breaches to state-affiliated espionage and ideology-driven attacks aimed at information gathering, manipulation and disruption. Real domain expertise, mixed with ability to execute, and mastery of relevant technologies must produce investigative conclusions that stand scrutiny in the court of law.
The position operates in close coordination with eSentire’s SOC and Customer Success Management teams to drive fast mobilization, source identification, containment, and quantification of informational losses in response to cyber-attacks in motion.
Make no mistake, Incident Response work is an extremely demanding role. Cyber-attacks don’t follow a schedule. Our team must be available when they happen. As a result, our team members are often called upon to work outside regularly scheduled work hours, through weekends and holidays, with little notice. On the flip side, when it’s not busy we do encourage our team members to make the most of that time and catch up on their personal business. Please give this some thought before you apply, this is a demanding and equally rewarding job, but it’s not for everyone.
Responsibilities
• Drive deep domain expertise in cyber incident response, and digital forensics engagements.
• Serve as case lead in the most demanding and volatile cyber investigations.
• Be a tactical force multiplier for all open and active investigations.
• Overlay with Customer Service Management and SOC teams to optimize quality of service.
• Own and manage all aspects of assigned incident response engagements.
• Be responsive to the customer’s voice and feedback.
• Strive for attention to detail and excellence in service delivery.
• Assist in scoping, pricing and work assignment activities as needed.
• Continually research and develop new methods and approaches to improve service delivery.
• Provide support and mentoring to junior level staff.
• Work rotating shifts and be available on an on-call basis as required.
• Be prepared to work, as required, for extended periods outside of regularly scheduled hours, including weekends, and holidays.
• Be prepared to travel for short periods and work onsite at client locations throughout the United States and Canada, as required.
Requirements
• A four-year degree in a relevant discipline and eight to ten years of experience; OR ten or more years of relevant experience in a military or law enforcement capacity.
• Proven experience in IT investigations, digital forensics, and incident response—particularly involving polymorphic trojans and modern ransomware variants.
• Background in security consulting and/or case investigation, with the ability to operate in a client-facing, advisory capacity.
• Mastery of mainstream forensics tools such as EnCase, FTK, Axiom, X-Ways, etc.
• Strong working knowledge of Windows and/or Linux operating systems, and a solid understanding of networking concepts, protocols, and infrastructure.
• Hands-on experience with Endpoint Detection and Response (EDR) solutions such as CrowdStrike, SentinelOne, Microsoft Defender, etc.
• Familiarity with cloud-native security tools like AWS CloudTrail, Azure Security Center, or similar platforms for log analysis, evidence collection, and incident response.
• Experience with scripting or programming (e.g., Python, PowerShell, Bash) is a plus.
• Strong grasp of information security fundamentals, threat landscapes, and detection techniques.
• Relevant certifications preferred, such as GCFA, GCFE, GNFA, GREM, GCIA, CISSP.
• Excellent written, verbal, and presentation skills, with the ability to explain complex technical topics to non-technical audiences.
• Self-motivated, analytical, and detail-oriented, with strong problem-solving abilities.
Preferred
• Fluency in French or Spanish languages is preferred
Our Culture and Values
At eSentire we work in a collaborative and innovative work environment. We work with brilliant and passionate people who strive and encourage others to do their best. eSentire’s idea-rich environment welcomes creative and sometimes unconventional perspectives!
We celebrate diversity, operating with mutual respect and consideration, in an environment that fosters inclusivity for all. We believe that a variety of perspectives, backgrounds, and experiences make us stronger – if you’re enthusiastic about this opportunity but don’t meet every qualification, we encourage you to apply anyway. It takes a diverse set of thoughts, cultures, backgrounds, and perspectives to be a true market leader.
Total Rewards
We believe in rewarding performance and providing comprehensive benefits tailored to support your well-being. Our package includes comprehensive health benefits, a flexible vacation plan, and participation in our company-wide equity program, allowing you to share in the success and growth of our organization.
Accommodation
If you have any accessibility requirements during the recruitment process, please reach out to our HR team at talentacquisition@esentire.com and any accommodation needs will be addressed upon request. Your talents and unique perspectives are valued, and we look forward to the opportunity to work together to build a more inclusive future.
It's our mission at eSentire to protect our customers 24/7/365 and we extend this conviction to job seekers. During the application and interview process, eSentire will communicate with you from one of our corporate "@esentire.com" email addresses, never from a public email address. We strive to provide a welcoming, respectful, and thorough interview process, providing the candidate with ample opportunity to spend time with the hiring manager, recruiter, and future colleagues face to face, or using a video conference technology.
#LI-SJ1
#LI-Remote
eSentire is on a mission to hunt, investigate and stop cyber threats before they become business disrupting events. We were founded on the premise that if you can’t find a solution, you build it. Entrepreneurship and innovation are in our DNA. Our culture is based on transparency, teamwork, and continuous innovation.
As the authority in Managed Detection and Response, we protect the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats.
The Role
The Senior Security Consultant serves as a tactical arm of eSentire’s Incident Response team. Main function of this role is to drive deep expertise and experience in incident response, and digital forensics engagements. As a top tier operator, the position handles the most volatile and complex casework, while ensuring optimum quality of service and responsiveness. Casework spans from financially motivated data breaches to state-affiliated espionage and ideology-driven attacks aimed at information gathering, manipulation and disruption. Real domain expertise, mixed with ability to execute, and mastery of relevant technologies must produce investigative conclusions that stand scrutiny in the court of law.
The position operates in close coordination with eSentire’s SOC and Customer Success Management teams to drive fast mobilization, source identification, containment, and quantification of informational losses in response to cyber-attacks in motion.
Make no mistake, Incident Response work is an extremely demanding role. Cyber-attacks don’t follow a schedule. Our team must be available when they happen. As a result, our team members are often called upon to work outside regularly scheduled work hours, through weekends and holidays, with little notice. On the flip side, when it’s not busy we do encourage our team members to make the most of that time and catch up on their personal business. Please give this some thought before you apply, this is a demanding and equally rewarding job, but it’s not for everyone.
Responsibilities
• Drive deep domain expertise in cyber incident response, and digital forensics engagements.
• Serve as case lead in the most demanding and volatile cyber investigations.
• Be a tactical force multiplier for all open and active investigations.
• Overlay with Customer Service Management and SOC teams to optimize quality of service.
• Own and manage all aspects of assigned incident response engagements.
• Be responsive to the customer’s voice and feedback.
• Strive for attention to detail and excellence in service delivery.
• Assist in scoping, pricing and work assignment activities as needed.
• Continually research and develop new methods and approaches to improve service delivery.
• Provide support and mentoring to junior level staff.
• Work rotating shifts and be available on an on-call basis as required.
• Be prepared to work, as required, for extended periods outside of regularly scheduled hours, including weekends, and holidays.
• Be prepared to travel for short periods and work onsite at client locations throughout the United States and Canada, as required.
Requirements
• A four-year degree in a relevant discipline and eight to ten years of experience; OR ten or more years of relevant experience in a military or law enforcement capacity.
• Proven experience in IT investigations, digital forensics, and incident response—particularly involving polymorphic trojans and modern ransomware variants.
• Background in security consulting and/or case investigation, with the ability to operate in a client-facing, advisory capacity.
• Mastery of mainstream forensics tools such as EnCase, FTK, Axiom, X-Ways, etc.
• Strong working knowledge of Windows and/or Linux operating systems, and a solid understanding of networking concepts, protocols, and infrastructure.
• Hands-on experience with Endpoint Detection and Response (EDR) solutions such as CrowdStrike, SentinelOne, Microsoft Defender, etc.
• Familiarity with cloud-native security tools like AWS CloudTrail, Azure Security Center, or similar platforms for log analysis, evidence collection, and incident response.
• Experience with scripting or programming (e.g., Python, PowerShell, Bash) is a plus.
• Strong grasp of information security fundamentals, threat landscapes, and detection techniques.
• Relevant certifications preferred, such as GCFA, GCFE, GNFA, GREM, GCIA, CISSP.
• Excellent written, verbal, and presentation skills, with the ability to explain complex technical topics to non-technical audiences.
• Self-motivated, analytical, and detail-oriented, with strong problem-solving abilities.
Preferred
• Fluency in French or Spanish languages is preferred
Our Culture and Values
At eSentire we work in a collaborative and innovative work environment. We work with brilliant and passionate people who strive and encourage others to do their best. eSentire’s idea-rich environment welcomes creative and sometimes unconventional perspectives!
We celebrate diversity, operating with mutual respect and consideration, in an environment that fosters inclusivity for all. We believe that a variety of perspectives, backgrounds, and experiences make us stronger – if you’re enthusiastic about this opportunity but don’t meet every qualification, we encourage you to apply anyway. It takes a diverse set of thoughts, cultures, backgrounds, and perspectives to be a true market leader.
Total Rewards
We believe in rewarding performance and providing comprehensive benefits tailored to support your well-being. Our package includes comprehensive health benefits, a flexible vacation plan, and participation in our company-wide equity program, allowing you to share in the success and growth of our organization.
Accommodation
If you have any accessibility requirements during the recruitment process, please reach out to our HR team at talentacquisition@esentire.com and any accommodation needs will be addressed upon request. Your talents and unique perspectives are valued, and we look forward to the opportunity to work together to build a more inclusive future.
It's our mission at eSentire to protect our customers 24/7/365 and we extend this conviction to job seekers. During the application and interview process, eSentire will communicate with you from one of our corporate "@esentire.com" email addresses, never from a public email address. We strive to provide a welcoming, respectful, and thorough interview process, providing the candidate with ample opportunity to spend time with the hiring manager, recruiter, and future colleagues face to face, or using a video conference technology.
#LI-SJ1
#LI-Remote
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
2
0
0
Categories:
Consulting Jobs
Forensics Jobs
Incident Response Jobs
Tags: AWS Azure Bash CISSP Cloud CrowdStrike EDR EnCase Forensics GCFA GCFE GCIA GNFA GREM Incident response Linux Log analysis PowerShell Python Scripting SOC Windows
Perks/benefits: Career development Equity / stock options Flex hours Flex vacation Health care Team events
Regions:
Remote/Anywhere
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Security Operations Engineer jobsProduct Security Engineer jobsSenior Cybersecurity Engineer jobsSystems Administrator jobsSenior Security Analyst jobsCybersecurity Editor jobsCybersecurity Content Editor jobsSenior Information Security Analyst jobsInformation Security Manager jobsCyber Security Specialist jobsSenior Network Security Engineer jobsIT Security Analyst jobsChief Information Security Officer jobsSecurity Consultant jobsSenior Information Security Engineer jobsInformation System Security Officer (ISSO) jobsSecurity Specialist jobsIT Security Engineer jobsSenior Product Security Engineer jobsInformation Systems Security Engineer jobsCyber Threat Intelligence Analyst jobsSenior Cyber Security Engineer jobsSenior Software Engineer jobsSecurity Operations Analyst jobsCyber Security Architect jobs
Bash jobsJava jobsCEH jobsEncryption jobsTS/SCI jobsThreat detection jobsSplunk jobsSDLC jobsTerraform jobsTop Secret jobsSQL jobsMalware jobsIDS jobsSOC 2 jobsIPS jobsRMF jobsFinance jobsDocker jobsForensics jobsCompTIA jobsActive Directory jobsOWASP jobsITIL jobsIntrusion detection jobsAnsible jobs
VPN jobsHIPAA jobsIT infrastructure jobsCRISC jobsGIAC jobsTCP/IP jobsDoDD 8570 jobsOSCP jobsClearance Required jobsMITRE ATT&CK jobsDNS jobsSOAR jobsData Analytics jobsCCSP jobsZero Trust jobsIndustrial jobsSOX jobsJira jobsArtificial Intelligence jobsBanking jobsJavaScript jobsMachine Learning jobsNIST 800-53 jobsUNIX jobsCISO jobs