Cloud Incident Response Training Instructor

Summary

Join our team as a Cloud Instructor to deliver engaging virtual Cloud Incident Response training courses! You will teach security professionals about Microsoft Azure tools and methodologies for incident response and forensics. The courses cover foundational, intermediate, and advanced levels. As a 1099 contractor, you'll design and deliver interactive training sessions, facilitate hands-on labs, and create a dynamic learning environment. This project-based role requires proven expertise in cloud incident response and experience teaching technical content. Ideal candidates possess relevant certifications and familiarity with advanced forensic analysis techniques.

Requirements

• Proven expertise in cloud incident response, with a focus on Microsoft Azure security tools and frameworks
• Prior experience teaching technical content to security professionals, preferably in virtual environments
• In-depth understanding of Azure architecture, logging sources, PowerShell, Microsoft Defender Suite, Sentinel, and SOAR
• Knowledge of threat hunting, advanced log analysis, and cloud-specific attack patterns

Responsibilities

• Deliver live virtual training that explores the differences between cloud and on-premises incident response, ensuring participants understand the Shared Responsibility Model and its implications for security investigations
• Teach participants to analyze Azure core functions, including virtual machines (VMs), storage, networking, and Identity Access Management (IAM), and guide them in navigating Azure logging sources and log types
• Provide hands-on instruction on configuring and utilizing tools like PowerShell modules, Microsoft Defender Suite, and Microsoft Sentinel for security orchestration, automation, and response (SOAR)
• Help students investigate and mitigate threats by teaching detection of common Azure attack patterns (e.g., password spraying, lateral movement, data exfiltration) and conducting threat hunting using Kusto Query Language (KQL)
• Guide advanced students in performing in-depth virtual machine forensics in Azure, including introductory memory analysis, while addressing challenges in forensic analysis of serverless functions and containers
• Support proactive defense strategies by teaching Azure-specific playbook creation, threat modeling, and leveraging cloud-native tools for artifact collection, automation, and advanced detection
• Facilitate labs and exercises that allow participants to apply new skills in realistic scenarios, such as configuring Microsoft Sentinel, integrating threat intelligence, and mapping security controls to frameworks like MITRE ATT&CK®
• Create an engaging and interactive learning environment, answering participant questions and ensuring key objectives are met

Preferred Qualifications

• Relevant certifications (e.g., Azure Security Engineer, Azure Administrator, CISSP, GCFA, GCIH)
• Familiarity with conducting forensic analysis of virtual machines, containers, and serverless functions in Azure
• Experience designing and delivering incident response playbooks and cloud automation workflows