Job Title: Principal Consultant, Digital Forensics & Incident Response

Location: Remote (USA)

Role: Full time / Exempt

Compensation: $100K-$160K annually

 

What Makes You Stand Out

You are a seasoned cybersecurity professional specializing in Digital Forensics and Incident Response (DFIR), with extensive experience, including client-facing roles, sophisticated forensic analysis, and a proven track record of independently managing investigations of varying sizes and complexities. Committed to continuous learning, you actively seek opportunities to expand your knowledge base, contributing to the team’s collective expertise.

In addition to technical proficiency, you excel at forensically guiding engagements and prioritizing competing priorities effectively. Demonstrated through a consistent delivery of high-quality results, your passion lies in mentoring colleagues and navigating the dynamic landscape of security incidents, showcasing a deep understanding of the evolving threat landscape.

How You’ll Make An Impact

As a Principal Consultant, you will represent Surefire Cyber as a skilled technical forensic and consulting expert for clients across diverse industries during active incident response engagements. Leveraging your extensive experience and technical skills, you will play a pivotal role in detecting and analyzing intrusions, offering clear guidance to clients navigating high-pressure response situations, and providing after-hours support as needed.

Your Role In Action

• Demonstrate genuine curiosity, a commitment to continuous learning, and contribute valuable insights to support the team’s knowledge growth.
• Forensically lead incident response engagements, working with other team members to guide clients through the entire incident response lifecycle from detection to recovery.
• Conduct advanced forensic analysis to identify the scope and impact of security incidents meticulously and precisely, including malware analysis and reverse engineering when necessary.
• Independently manage investigations ranging in size and complexity such as Business Email Compromises and Ransomware engagements. 
• Provide career development for a Forensic team consisting of 3-4 Consultants/Senior Consultants, by investing in their professional development conducting regular one-on-one conversations and providing guidance and recommendations on training opportunities. 
• Identify, articulate, and explain attack vectors, threat tactics, and attacker techniques to guide mitigation and prevention efforts.
• Convey complex forensic findings to technical and non-technical stakeholders clearly and understandably.
• Provide comprehensive supporting evidence for written reports detailing incident findings, and analysis.
• Review, provide well thought out input, and provide guidance to other team members on forensic reports. 
• Collaborate with internal teams, external partners, and clients to refine and document incident response processes and best practices.
• Spearhead research and development activities to stay up to date with the latest forensic tools, techniques, and methodologies. 
• Contribute to the development of internal processes and support broader organizational initiatives.
• Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Your Expertise

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, related degree, industry certifications, or former professional experience as a Senior or Principal Forensic Consultant, Senior or Principal Cybersecurity Consultant, or as a Senior or Principal Incident Responder.
• Hold industry certifications or showcase equivalent professional experience as a Principal Consultant, highlighting a profound mastery of Digital Forensics and Incident Response.
• Previous experience in leading the forensic workstreams and teams ranging from 3-4 in size on complex investigations.
• Demonstrate advanced proficiency in utilizing common digital forensic artifacts and tools such as ELK, Axiom, Encase, FTK (Forensic Toolkit), Open-Source, or comparable industry-standard tools.
• Showcase professional experience in the effective use of network analysis and intrusion detection tools, exemplifying a deep understanding of their application in cybersecurity.
• Possess in-depth knowledge of cybersecurity principles and best practices, underlining a comprehensive understanding of the intricacies of the cybersecurity landscape.
• Exhibit excellent problem-solving skills and meticulous attention to detail, displaying an ability to navigate complex challenges with precision and thoroughness.
• Demonstrate the ability to work effectively under pressure, manage multiple competing priorities, and consistently meet tight deadlines, reflecting resilience and efficiency in high-stakes scenarios.
• Display exceptional communication skills, both written and verbal, ensuring the ability to convey complex technical information clearly and comprehensively.
• Express eagerness to mentor, share knowledge, and actively contribute to the expansion of the team’s expertise, fostering a collaborative and growth-oriented environment.
• Exhibit the capability to provide after-hours (on-call/weekend rotational) support as required, demonstrating a commitment to addressing critical incidents promptly and maintaining continuous coverage.

Interview Process

• Submit interest and application to on our website
• Preliminary phone interview with the the Talent & People Team (approx., 30 minutes)
• Virtual /Teams Technical interview with DFIR Consultants (approx., 60 minutes)
• Virtual/Teams interview with Engagement Leads (approx., 60 minutes)
• Virtual/Teams interview with Chief Delivery Officer (approx., 45 minutes)
• Virtual/Teams interview with CEO (Chief Executive Officer) (approx., 30 minutes)

Please note that we reserve the right to modify the process at any time.