Principal Consultant, DFIR, Reactive Services

Palo Alto Networks Logo

Palo Alto Networks

💵 $151k-$208k
📍Remote - United States

Summary

Join Palo Alto Networks as a Principal Consultant and lead client-facing incident response engagements. You will manage and deliver on reactive services, working directly with clients and stakeholders to investigate security incidents and provide remediation guidance. Responsibilities include performing host-based analysis, examining various log sources, investigating data breaches using forensic tools, and mentoring team members. This role requires 6+ years of incident response or digital forensics consulting experience, strong leadership skills, proficiency in host-based forensics, and experience with various forensic tools. The position involves approximately 20% travel. A Bachelor's degree in a related field is required. Compensation includes a base salary between $151,000 and $208,000, restricted stock units, and a bonus.

Requirements

  • 6+ years of incident response or digital forensics consulting experience with a passion for cyber security
  • Strong leadership skills including experience managing a team or individuals
  • Experience with leading complicated engagements including scoping, interfacing with the client, and have executed on a technical front
  • Proficient with host-based forensics and data breach response
  • Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools
  • Incident response consulting experience required
  • Ability to perform travel requirements as needed to meet business demands (on average 20%)
  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field

Responsibilities

  • Perform reactive incident response functions including but not limited to: host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
  • Examine firewall, web, database, and other log sources to identify evidence of malicious activity
  • Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and other investigation tools to determine source of compromises and malicious activity that occurred in client environments
  • Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations
  • Ability to perform travel requirements as needed to meet business demands (on average 20%)
  • Mentorship of team members in incident response and forensics best practices

Preferred Qualifications

  • Have an external presence via public speaking, conferences, and/or publications
  • Have credibility, executive presence, and gravitas
  • Be able to have a meaningful and rapid delivery contribution
  • Have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
  • Be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team

Benefits

The offered compensation may also include restricted stock units and a bonus

Remote

Cybersecurity

Principal

Share this job:

Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.