
Senior DFIR Consultant
GuidePoint Security
full-time
Location Type: Remote
Location: United States
About the role
- Operate as a technical resource within the Practice and actively participate in DFIR investigations
- Effective engagement communication, time management, and collaboration with peers
- Author comprehensive engagement deliverables that are tailored to both technical and managerial audiences as well as fully detail the technical findings, recommendations, business impact, and realistic remediation strategies
- Foster client relationships by providing support, information, and guidance
- Utilize automation, orchestration, and scripting to reduce manual processes, improving overall efficiency while also enabling new capabilities to meet the rapidly changing needs of our clients
- Contribute to integration of existing and future open-source and commercial tools to help improve DFIR processes and procedures
- Perpetually strengthen relevant skills, knowledge, and abilities to stay at the forefront of the information security industry
- Maintain a strong desire to learn, adapt, and improve along with a rapidly-growing company
- Perform other duties as assigned
Requirements
- Four (4+) years of experience performing incident response investigations
- Six (6+) combined years of IT and information security experience
- Prior experience in a Consulting Services role
- Experience with Digital Forensics & Incident Response (DFIR) methodology and process
- Core capabilities include:
  - Network traffic analysis
  - Host forensics
  - Malware handling / triage
  - Log review
  - BEC Analysis
- Experience with a variety of industry-related solutions including EDR, NDR, XDR, SIEM, FW, NGAV, Velociraptor, and others
- Experience with common programming languages including PowerShell, Python, BASH, Go, or others
- Experience with cloud technologies for the enterprise, such as Amazon Web Services, G Suite, M365, and Azure
- Awareness of attacker techniques, advanced threat groups, and integration of intelligence into an investigation
- Other relevant industry certifications, such as but not limited to CISSP, GCIA, GCIH, GDAT, GCFE, and GFCA
Benefits
- Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family)) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employee's premiums and 75% for family plans (spouse/children/family)). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: $850 per EE annually / $1750 per family annually (includes spouse/children/family options)
- Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Benefit Option
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
incident response, digital forensics, network traffic analysis, host forensics, malware handling, log review, BEC analysis, PowerShell, Python, AWS
Soft Skills
communication, time management, collaboration, client relationship management, adaptability, desire to learn, problem-solving
Certifications
CISSP, GCIA, GCIH, GDAT, GCFE, GFCA