Principal Consultant - Incident Response
Job Description
As a Principal/Senior Consultant, you will be responsible for delivering both reactive and proactive services engagements in the Asia Pacific and Japan region. You will be a member of a highly collaborative industry leading team that thrives on the daily challenges of stopping breaches from the world's most sophisticated adversaries. This is an individual contributor, senior technical consulting role that requires hands-on technical expertise and ability to communicate effectively with both technical and business stakeholders. This person should be capable of supporting, managing, and mentoring less experienced team members.
The right candidate will possess excellent energy and drive and a real desire to help organisations respond to security incidents. The ability to work in a high stress, high pressure situation is a must as well as the ability to work together with the team around the APJ region. Candidates with extensive forensics, incident response, and cyber security experience are encouraged to apply.
Responsibilities
- Lead incident response engagements.
- Perform advanced host and/or network-based forensics across Windows, Mac, and Linux platforms.
- Advise organizations while they respond to threat actor activity.
- Produce high-quality written and verbal reports, presentations, recommendations, and findings to customer management.
- Present technical material to non-technical and technical audiences
- Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.
Job Requirements
- Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hactivists.
- Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
- Network Forensic Analysis: strong knowledge of network protocols, network analysis tools, and ability to perform analysis of associated network logs.
- Incident Remediation: deep understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
- Threat Intelligence: familiarity with threat intelligence, adversary attribution and its application to Incident response
- Communication: exceptional written and oral communication skills. Ability to write and present technical content, including being able to present to senior executives.
- Qualifications: following certifications preferred but not required GIAC Certified Forensics Analyst (GCFA), GIAC Certified Incident Handler (GCIH) or similar.
