Principal Consultant, DFIR, Reactive Services

Summary

Join Palo Alto Networks as a Principal Consultant and lead client-facing incident response engagements. You will manage and perform reactive incident response functions, investigate data breaches using various forensic tools, and mentor team members. This role requires 6+ years of experience in incident response or digital forensics consulting, strong leadership skills, and proficiency in host-based forensics. The position involves approximately 20% travel. A Bachelor's degree in a related field is required. Compensation includes a base salary between $151,000 and $208,000, restricted stock units, and a bonus.

Requirements

• 6+ years of incident response or digital forensics consulting experience with a passion for cyber security
• Strong leadership skills including experience managing a team or individuals
• Experience with leading complicated engagements including scoping, interfacing with the client, and have executed on a technical front
• Proficient with host-based forensics and data breach response
• Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools
• Incident response consulting experience required
• Ability to perform travel requirements as needed to meet business demands (on average 20%)
• Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field

Responsibilities

• Perform reactive incident response functions including but not limited to: host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
• Examine firewall, web, database, and other log sources to identify evidence of malicious activity
• Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom Crypsis investigation tools to determine source of compromises and malicious activity that occurred in client environments
• Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations
• Ability to perform travel requirements as needed to meet business demands (on average 20%)
• Mentorship of team members in incident response and forensics best practices

Preferred Qualifications

• Have an external presence via public speaking, conferences, and/or publications
• Have credibility, executive presence, and gravitas
• Be able to have a meaningful and rapid delivery contribution
• Have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
• Be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team

Benefits

• The compensation offered for this position will depend on qualifications, experience, and work location
• For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $151000 - $208000/YR
• The offered compensation may also include restricted stock units and a bonus