Principal Consultant, DFIR, Reactive Services (Unit 42) - Remote
Tasks
- Analyze memory logs and endpoint telemetry
- Conduct host network and cloud investigations
- Deliver technical findings and remediation guidance
- Develop incident response playbooks and tools
- Guide investigative strategy
- Lead incident response investigations
- Maintain knowledge of emerging threats
- Perform advanced forensic analysis
- Perform forensic acquisition and analysis
- Share knowledge and mentor team
- Use DFIR tools and methodologies
Perks/Benefits
Skills/Tech-stack
Chain of Custody | Cloud Forensics | Computer forensics | Digital forensics | EnCase | Endpoint investigation | Endpoint telemetry | Evidence handling | FTK | Forensic acquisition | Incident Response | Linux | Log Analysis | MITRE ATT&CK | MacOS | Malware triage | Memory Forensics | Microsoft Windows | Network investigation | Reverse Engineering | Sleuthkit | Volatility
Education
Related jobs
-
Principal Engineer Software, Security (Chronosphere) USD 147K-237KAccess Control | C plus plus | Compliance | Design reviews | Detection and ResponseRemote workSenior-level Full TimeSan Francisco, CA R1d ago
-
Cyber Security & ITAR Analyst USD 100K-130KAdobe Acrobat | Android | Awareness Training | Control compliance | Cyber Security401k match | Health savings account | Life Insurance Paid by Employer | Long Term Disability Insurance Paid By Employer | Paid HolidaysMid-level Full TimeBroomfield, CO, US R3d ago
-
Security Operations Analyst - West Coast USD 100K-125KAWS | Active Directory | Azure | Bash | Command Prompt401k match | Coaching platform access | Digital reimbursement | Disability insurance | Education reimbursementMid-level Full TimeRemote US R4d ago
-
Cybersecurity Analyst (ISSO) USD 90K-110KAuthority to Operate | Continuous Diagnostics and Mitigation | Continuous diagnostics | Cybersecurity | FIPSAccidental death and dismemberment insurance | Computer reimbursement | Dental insurance | Disability insurance | Employee assistance programSenior-level Full TimeGermantown, MD, United States R4d ago
-
Mid-Level Forensics Analyst USD 112K-179KArtifact analysis | Bash | Chain of Custody | Digital forensics | Disk analysisMid-level Full TimePortland, OR - Remote/Hybrid R4d ago
-
AWS | Application Security | Application Security Posture Management | Azure | BashEmployee networks | Employee volunteer opportunities | Paid adoption leave | Paid parental leave | Paid time offSenior-level Full TimeUSA MN Remote, United States R4d ago
-
Cyber Security Analyst USD 160K-258KAWS | Access Management | Application Security | Azure | Cloud SecuritySenior-level Full TimeUS, VA, Remote, United States R4d ago
-
Senior-level Full TimeUS, CA, Remote, United States R4d ago
-
Security Operations Analyst USD 70K-100KData Normalization | EDR | IAM | Incident Response | Log Ingestion401k match | Employer covered dental | Employer covered medical | Employer covered vision | Flexible spending accountMid-level Full TimeUnited States (Remote) R5d ago
-
Associate Cyber Security Analys USD 52K-84KEvent triage | Incident Response | Log Analysis | Malware analysis | Microsoft OfficeBonuses | Merit increases | Technical educationMid-level Full TimeSt. Louis, MO, US R5d ago
-
Cyber Security Analyst USD 59K-98KDetection and Response | Incident Response | Incident Triage | Intrusion Detection | Log AnalysisBonuses | Merit increases | Paid training and certificationsNone Full TimeSt. Louis, MO, US R5d ago
-
Sr. Professional Services Consultant - Data Security USD 102K-193KActive Directory | Azure AD | Cloud Security | DLP | Data SecurityFlexible work environment | Global collaboration opportunities | Recognition program | Volunteer days | Wellness programSenior-level Full TimeCalifornia, United States R5d ago
-
Insider Risk Specialist, Insider Threat Program USD 75K-160KAutomation | Counterintelligence | Cyber Security | Data Querying | Incident Response401k match | Adoption Assistance | Fertility assistance | Mental healthcare | Tuition assistanceSenior-level Full TimeMD Bethesda Office, United States R5d ago
-
Product Security Incident Response Analyst USD 96K-192KAgile | CVE management | Coordinated vulnerability disclosure | Development Lifecycle | Incident ResponseRemote workMid-level Full TimeGeorgia, United States R6d ago
-
Sr Consultant - Cloud Red Team Blue Team (Remote) USD 115K-160KAWS | Adversary Emulation | Adversary TTPs | Cloud platform | Customer Relationship ManagementAdoption leave | Employee resource groups | Flexible work options | Paid parental leave | Paid time offSenior-level Full TimeUSA FL Remote, United States R6d ago
-
APIs | CrowdStrike Query Language | Cyber Threat | Cyber Threat Intelligence | Dark WebCompetitive vacation and holidays | Comprehensive wellness programs | Employee networks | Great Place to Work certified | Paid adoption leaveSenior-level Full TimeUSA CA Remote, United States R6d ago
-
Security Analyst USD 109K-143KConfluence | DevSecOps | Firewall administration | ISO 27001 | Incident ResponseEmergency fund | Employee involvement programs | Employee recognition programs | Hybrid work schedule | Paid training and professional developmentEntry-level Full TimeBlue Bell, Pennsylvania, United States (Hybrid) R6d ago
-
Information Security Analyst Senior USD 70K-78KAccess Control | Access Control Lists | DHCP | DNS | EncryptionCareer development opportunities | Paid Holidays | Paid parental leave | Paid sick time | Paid vacationSenior-level Full TimeREMOTE OPTIONS, PHOENIX R7d ago
-
Principal Software Engineer USD 170K-227KAPI | C# | C++ | GRPC | GoGlobal volunteer day | Mindfulness app free membership | Non-profit matching | Paid parental leave | Paid time offSenior-level Full TimeUnited States; Remote or Canada R7d ago
-
Tier 2 Monitoring Analyst - Senior USD 104K-166KAnomaly Detection | As-a-Service | Cloud Computing | Detection Systems | Event analysisHybrid work schedule after 90 days | On site first 90 days | Shift schedule Sunday to ThursdaySenior-level Full TimeArlington, VA, United States R7d ago
-
Sr. Security Operations Analyst USD 105K-195KAlert Tuning | Attack Vectors | Bash | Cause analysis | Digital forensicsHybrid work scheduleSenior-level Full TimeGA Atlanta 1050 Techwood Drive NW, … R7d ago
-
Security Operations Analyst USD 70K-131KAlert triage | Antivirus | Automation | Case management | Cloud SecurityCareer development | Headspace app access | Hybrid work model | Mental health days | Retirement savingsEntry-level Full TimeUnited States of America, Eagan, Minnesota R7d ago
-
Senior Information Security Analyst USD 75K-75KCompliance | Google Workspace | Incident Response | Lean | Microsoft OfficeFlexible schedules | Paid Holidays | Paid parental leave | Tuition reimbursement | Wellness plansSenior-level Full TimeREMOTE OPTIONS, PHOENIX R8d ago
-
Cybersecurity Analysts USD 100K-145K800-53 | ACAS | AWS | AppDetective | CNSSI 1253Direct full time W2 employment | Hybrid schedule | US Secret security clearance supportMid-level Full TimeWashington DC Metro Area R8d ago
-
AWS | Advanced Persistent Threats | Agentic AI | Azure | Cloud platformRemote eligibleSenior-level Full TimeMcLean, VA, United States R8d ago