Principal Consultant, Cloud DFIR, Reactive Services

Palo Alto Networks Logo

Palo Alto Networks

💵 $151k-$208k
📍Remote - United States

Summary

Join Palo Alto Networks® as a Principal Consultant and lead client-facing engagements focused on reactive services. You will work directly with customers and stakeholders to address security priorities in cloud platforms (Azure, AWS, GCP) and cloud-related applications. This role involves performing incident response in public cloud environments, investigating data breaches, and providing remediation recommendations. You will manage engagements, mentor team members, and travel as needed (approximately 20%). The ideal candidate possesses 6+ years of incident response or digital forensics consulting experience and 3+ years in a cloud environment. Strong leadership and experience managing complicated engagements are essential.

Requirements

  • 6+ years of incident response or digital forensics consulting experience with a passion for cyber security
  • 3+ years in a cloud environment as an administrator, security operator, or consultant- DevOps experience welcome
  • Hands-on experience with architecting, building, operating, investigating, and troubleshooting large and complex cloud environments
  • Understand and demonstrate best practices for architecting and operating in a cloud environment
  • Experience with large-scale application administration and debugging, Cloud Security Posture Management (CSPM) solutions, or automation via scripting or cloud-native approaches
  • Strong leadership skills including experience managing a team or individuals
  • Experience with leading complicated engagements including scoping, interfacing with the client, and have executed on a technical front

Responsibilities

  • Perform reactive incident response functions in public cloud environments, primarily Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and AliCloud
  • Examine compute, storage, IAM, network traffic, serverless, and other log sources to identify evidence of malicious activity
  • Investigate data breaches leveraging traditional forensic tools, cloud-specific tools, and custom Unit 42 techniques to determine the source of compromises and malicious activity that occurred in client environments
  • Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations
  • Ability to perform travel requirements as needed to meet business demands (on average 20%)
  • Mentorship of team members in incident response and forensics best practices

Benefits

The offered compensation may also include restricted stock units and a bonus

Remote

Cybersecurity

Principal

Share this job:

Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.