Principal DFIR Consultant - Remote (Anywhere in the U.S.)

1 month ago
Full-time
Lead
Cybersecurity
GuidePoint Security

GuidePoint Security is a trusted cybersecurity consulting firm that provides expertise, solutions, and services to help organizations make informed decisions and minimize risks. Their elite team of experts offers holistic perspectives on cybersecurity,...

Internet Software & Services
251-1K
Founded 2011

Description

  • Serve as technical oversight on complex or high-severity DFIR engagements and review findings before client calls.
  • Lead the most sensitive investigations, including ransomware, APT, nation-state, and insider threat cases.
  • Perform advanced host forensics, network analysis, malware reverse engineering and triage, cloud forensics, threat actor attribution, and intelligence-driven investigations.
  • Provide surge support during high-volume periods across multiple concurrent engagements.
  • Design, document, and maintain DFIR methodologies, playbooks, and SOPs.
  • Mentor Senior Consultants and Analysts on technical work, client management, and professional development.
  • Lead internal trainings, write technical blog posts and research, and contribute to the team knowledge base.
  • Identify tooling and process gaps and build automation, scripts, or integrations to improve investigative efficiency.
  • Support candidate screening, technical interviews, and skills assessment for hiring.
  • Support pre-sales activities such as technical scoping, proposal development, SOW review, and client presentations.

Requirements

  • 8+ years of hands-on DFIR experience, including complex incident response and forensic investigations.
  • 10+ combined years of IT and information security experience.
  • Experience serving as a lead or senior technical contributor on high-severity engagements.
  • Expert-level proficiency in host forensics, network forensics, log analysis, malware triage, cloud IR, and BEC investigation.
  • Strong written and verbal communication skills with the ability to present to executive and legal audiences.
  • Proven experience mentoring and developing junior and mid-level technical staff.
  • Experience developing or contributing to DFIR methodologies, playbooks, or tooling.
  • Prior consulting or professional services experience at a DFIR or cybersecurity firm is preferred.
  • Advanced scripting ability with PowerShell, Python, Bash, Go, or similar is preferred.
  • Experience with EDR, NDR, XDR, SIEM, Velociraptor, and commercial or open-source forensic platforms is preferred.
  • Cloud incident response experience with AWS, Microsoft 365, Azure, or Google Workspace is preferred.
  • Experience with threat actor attribution, CTI integration, and intelligence-driven investigation is preferred.
  • Familiarity with ransomware negotiation considerations, threat actor communications, and recovery workflows is preferred.
  • Relevant certifications such as GREM, GCFA, GCFE, GDAT, GCIH, GCIA, or CISSP are preferred.

Benefits

  • Remote workforce primarily, with U.S.-based work and some travel depending on role.
  • Group medical insurance options with substantial employer premium contributions.
  • Group dental insurance with employer-paid premiums for employees and partial coverage for family plans.
  • 12 corporate holidays plus a Flexible Time Off (FTO) program.
  • Healthy mobile phone and home internet allowance.
  • Eligibility for the retirement plan after 2 months at open enrollment.
  • Pet benefit option.

