Principal DFIR Consultant - Remote (Anywhere in the U.S.)

3 hours, 6 minutes ago
Full-time
Lead
Cybersecurity
GuidePoint Security

GuidePoint Security

GuidePoint Security is a trusted cybersecurity consulting firm that provides expertise, solutions, and services to help organizations make informed decisions and minimize risks. Their elite team of experts offers holistic perspectives on cybersecurity,...

Internet Software & Services
251-1K
Founded 2011

Description

  • Serve as technical oversight on complex or high-severity DFIR engagements and review findings before client calls.
  • Lead the most sensitive investigations, including ransomware, APT, nation-state, and insider threat cases.
  • Perform advanced host forensics, network analysis, malware reverse engineering and triage, cloud forensics, threat actor attribution, and intelligence-driven investigations.
  • Provide surge support during high-volume periods across multiple concurrent engagements.
  • Design, document, and maintain DFIR methodologies, playbooks, and SOPs.
  • Mentor Senior Consultants and Analysts on technical work, client management, and professional development.
  • Lead internal trainings, write technical blog posts and research, and contribute to the team knowledge base.
  • Identify tooling and process gaps and build automation, scripts, or integrations to improve investigative efficiency.
  • Support candidate screening, technical interviews, and skills assessment for hiring.
  • Support pre-sales activities such as technical scoping, proposal development, SOW review, and client presentations.

Requirements

  • 8+ years of hands-on DFIR experience, including complex incident response and forensic investigations.
  • 10+ combined years of IT and information security experience.
  • Experience serving as a lead or senior technical contributor on high-severity engagements.
  • Expert-level proficiency in host forensics, network forensics, log analysis, malware triage, cloud IR, and BEC investigation.
  • Strong written and verbal communication skills with the ability to present to executive and legal audiences.
  • Proven experience mentoring and developing junior and mid-level technical staff.
  • Experience developing or contributing to DFIR methodologies, playbooks, or tooling.
  • Prior consulting or professional services experience at a DFIR or cybersecurity firm is preferred.
  • Advanced scripting ability with PowerShell, Python, Bash, Go, or similar is preferred.
  • Experience with EDR, NDR, XDR, SIEM, Velociraptor, and commercial or open-source forensic platforms is preferred.
  • Cloud incident response experience with AWS, Microsoft 365, Azure, or Google Workspace is preferred.
  • Experience with threat actor attribution, CTI integration, and intelligence-driven investigation is preferred.
  • Familiarity with ransomware negotiation considerations, threat actor communications, and recovery workflows is preferred.
  • Relevant certifications such as GREM, GCFA, GCFE, GDAT, GCIH, GCIA, or CISSP are preferred.

Benefits

  • Remote workforce primarily, with U.S.-based work and some travel depending on role.
  • Group medical insurance options with substantial employer premium contributions.
  • Group dental insurance with employer-paid premiums for employees and partial coverage for family plans.
  • 12 corporate holidays plus a Flexible Time Off (FTO) program.
  • Healthy mobile phone and home internet allowance.
  • Eligibility for the retirement plan after 2 months at open enrollment.
  • Pet benefit option.


