Senior Consultant, DFIR, Reactive Services

Palo Alto Networks

📍Remote - Saudi Arabia

Summary

Join Palo Alto Networks® as a Senior Consultant and lead client-facing incident response engagements. You will work directly with customers and stakeholders, guiding them through investigations and remediation. Responsibilities include performing host-based analysis, examining logs, investigating data breaches using various forensic tools, and mentoring junior consultants. This role requires 4+ years of incident response or digital forensics experience, proficiency with specific forensic tools, and a Bachelor's degree in a related field or equivalent military experience. The position involves approximately 30% travel and operates on a Friday-Monday weekend shift. The ideal candidate will possess strong communication skills, executive presence, and a deep understanding of Palo Alto Networks products.

Requirements

  • 4+ years of incident response or digital forensics experience with a passion for cyber security
  • Proficient with host-based forensics and data breach response
  • Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Volatility, Wireshark, tcpdump, and open source forensic tools
  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field or equivalent military experience required
  • Fluent in Arabic and eligible to work in Saudi Arabia

Responsibilities

  • Perform reactive incident response functions, including but not limited to host-based analysis of Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
  • Examine firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity
  • Investigate data breaches leveraging forensics tools including EnCase, FTK, X-Ways, SIFT, Splunk, and custom Unit 42 investigation tools to determine the source of compromises and malicious activity that occurred in client environments
  • Lead incident response engagements to guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations
  • Mentor Incident Response Consultants in incident response and forensics best practices
  • Ability to perform light travel requirements as needed to meet business demands (on average 30%)

Preferred Qualifications

  • Incident Response Consulting preferred
  • Identified ability to grow into a valuable contributor to the practice and, specifically, have an external presence via public speaking, conferences, and/or publications
  • Have credibility, executive presence, and gravitas
  • Be able to have a meaningful and rapid delivery contribution
  • Have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
  • Be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
