Principal Consultant, Digital Forensic and Incident Response (DFIR) (Remote)
About Surefire Cyber
Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event.
Our approach and delivery are designed by industry veterans who have worked shoulder-to-shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents.
We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency.
Job Title
Principal Consultant, Digital Forensics & Incident Response
Location
Remote (USA)
Role
Full time / Exempt
Compensation
$100K-$160K annually, 20% Bonus
What Makes You Stand Out
- Seasoned cybersecurity professional specializing in Digital Forensics and Incident Response (DFIR)
- Extensive experience, including client-facing roles, sophisticated forensic analysis
- Pioneering track record of independently managing investigations of varying sizes and complexities
- Active pursuit of continuous learning opportunities to expand knowledge base
- Exceptional ability to forensically guide engagements and prioritize competing priorities
- Consistent delivery of high-quality results, with a passion for mentoring colleagues and navigating the dynamic landscape of security incidents
How You'll Make An Impact
- Represent Surefire Cyber as a skilled technical forensic and consulting expert for clients across diverse industries during active incident response engagements
- Leverage extensive experience and technical skills to detect and analyze intrusions, offer clear guidance to clients, and provide after-hours support as needed
- Forensically lead incident response engagements, guiding clients through the entire incident response lifecycle from detection to recovery
- Conduct advanced forensic analysis to identify the scope and impact of security incidents meticulously and precisely, including malware analysis and reverse engineering when necessary
- Independently manage investigations ranging in size and complexity such as Business Email Compromises and Ransomware engagements
- Mentor a Forensic team consisting of 3-4 Consultants/Senior Consultants, conducting regular one-on-one conversations and providing guidance and recommendations on training opportunities
- Identify, articulate, and explain attack vectors, threat tactics, and attacker techniques to guide mitigation and prevention efforts
- Convey complex forensic findings to technical and non-technical stakeholders clearly and understandably
- Provide comprehensive supporting evidence for written reports detailing incident findings, and analysis
- Review, provide well-thought-out input, and provide guidance to other team members on forensic reports
- Collaborate with internal teams, external partners, and clients to refine and document incident response processes and best practices
- Spearhead research and development activities to stay up to date with the latest forensic tools, techniques, and methodologies
- Contribute to the development of internal processes and support broader organizational initiatives
- Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage
Your Expertise
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, related degree, industry certifications, or former professional experience as a Senior or Principal Forensic Consultant, Senior or Principal Cybersecurity Consultant, or as a Senior or Principal Incident Responder
- Hold industry certifications or showcase equivalent professional experience as a Principal Consultant, highlighting a profound mastery of Digital Forensics and Incident Response
- Previous experience in leading the forensic workstreams and teams ranging from 3-4 in size on complex investigations
- Advanced proficiency in utilizing common digital forensic artifacts and tools such as ELK, Axiom, Encase, FTK (Forensic Toolkit), Open-Source, or comparable industry-standard tools
- Effective use of network analysis and intrusion detection tools, demonstrating a deep understanding of their application in cybersecurity
- In-depth knowledge of cybersecurity principles and best practices, underscoring a comprehensive understanding of the intricacies of the cybersecurity landscape
- Excellent problem-solving skills and meticulous attention to detail, displaying an ability to navigate complex challenges with precision and thoroughness
- The ability to work effectively under pressure, manage multiple competing priorities, and consistently meet tight deadlines, reflecting resilience and efficiency in high-stakes scenarios
- Exceptional communication skills, both written and verbal, ensuring the ability to convey complex technical information clearly and comprehensively
- Eagerness to mentor, share knowledge, and actively contribute to the expansion of the team's expertise, fostering a collaborative and growth-oriented environment
- The capability to provide after-hours (on-call/weekend rotational) support as required, demonstrating a commitment to addressing critical incidents promptly and maintaining continuous coverage
Interview Process
- Submit interest and application to our website
- Preliminary phone interview with the Talent & People Team (approx., 30 minutes)
- Virtual / Teams Technical interview with Engagement Leads (approx., 60 minutes)
- Virtual/Teams interview with Chief Delivery Officer and an Engagement Lead (approx., 45 minutes)
- Virtual/Teams interview with CEO (Chief Executive Officer) (approx., 30 minutes)
Benefits for Full-Time Surefire Cyber Team Members
- Competitive compensation plan and total rewards package for team members
- Remote workforce
- Generous paid time off plan and floating holidays
- Paid parental leave
- Employer paid premiums for both team members and their dependents for medical, dental, and vision
- Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits
- Professional development and career advancement opportunities
- We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth
Note
- We reserve the right to modify the process at any time.
- Internship roles are not eligible for Surefire’s full-time benefits package. Internship-specific details will be shared during the interview process.
- Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.