Job Description

Lead Consultant for the IR/Forensics Practice
Full-Time, Exempt
Location: remote
Job Description
The Lead Consultant will be part of the Incident Response and Forensics practice, whose services include emergency incident response as well as incident preparation services.  The Lead Consultant will act as an Incident Commander on customer incidents, perform forensic investigation activities during suspected security events, manage customer recovery, and provide expert incident response reports. Skills include resolving highly complex intrusion scenarios using host, cloud, network, log, IDS and device analysis and forensics. As a Lead Consultant you will respond to, analyze, diagnose, and report on attack events as well as recommend counter measures to attacks and other malicious activity.  Lead Consultants must also be able to develop IR Plans and Playbooks and run IR Tabletop Exercises.

Duties and Requirements

• Available 24/7 for incoming IR work, based on an on-call rotation of 2 weeks on, 4 weeks off on-call rotation
• Mostly remote work but some infrequent emergency travel is required
• Able to act as an Incident Commander for customers, lead a response and recovery effort on their behalf
• Assist and lead in the creation of IR Plan and Playbook Development
• Develop policies and procedures to investigate malware incidents for the entire computer network
• Assists in the development and delivery of malware security awareness products and briefings
• Assist and lead in IR Tabletop Exercises

Good to have:  

• CISSP/CISM
• GIAC Certified Forensic Examiner (GCFE), GIAC Experienced Forensics Examiner (GX-FE), GIAC Enterprise Incident Response (GEIR), GIAC Cloud Forensics Responder (GCFR), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensic Analyst (GNFA), GIAC Certified Incident Handler Certification (GCIH), GIAC Response and Industrial Defense (GRID), GIAC Experienced Forensics Analyst (GX-FA), GIAC Linux Incident Responder (GLIR)
• Experience with standards framework assessments

Required Skills/Abilities

• 5+ years of experience in incident response and forensic investigations
• Experienced in disk, M365, cloud and network investigations and forensics, required
• Proficient at IR/Forensics and TTE After-Action Report writing, required
• Strong analytical and problem-solving skills with the ability to tackle complex challenges.
• Effective communication skills, both written and verbal, to document and share knowledge.
• Ability to adapt and thrive in a fast-paced, evolving technical landscape.
• Proven ability to problem-solve and think critically in a fast-paced environment.

 

Benefits Include:

• Health Insurance 80% paid by employer
• Dental Insurance 80% paid by employer
• Vision Insurance 80% paid by employer
• Self- Managed vacation leave
• Paid sick leave
• Paid holiday leave

All candidates must be eligible to work in the U.S. for any employer. We are an E-Verify employer.

Lumifi welcomes and encourages diversity in our workplace. All qualified applicants will receive consideration for employment without regard to race color, religion, sex, sexual orientation, gender identity, national origin or disability.

Job Tags

Full time, Remote work,

Similar Jobs