Principal Consultant, Digital Forensic and Incident Response (DFIR) (Remote)

Principal Consultant, Digital Forensic and Incident Response (DFIR) (Remote) Remote About Surefire Cyber Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client‑centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event. Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder‑to‑shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency. Job Title: Principal Consultant, Digital Forensics & Incident Response Location: Remote (USA) Role: Full time / Exempt Compensation: $100K-$160K annually, 20% Bonus What Makes You Stand Out You are a seasoned cybersecurity professional specializing in Digital Forensics and Incident Response (DFIR), with extensive experience, including client‑facing roles, sophisticated forensic analysis, and a proven track record of independently managing investigations of varying sizes and complexities. Committed to continuous learning, you actively seek opportunities to expand your knowledge base, contributing to the team’s collective expertise. In addition to technical proficiency, you excel at forensically guiding engagements and prioritizing competing priorities effectively. Demonstrated through a consistent delivery of high‑quality results, your passion lies in mentoring colleagues and navigating the dynamic landscape of security incidents, showcasing a deep understanding of the evolving threat landscape. How You’ll Make An Impact As a Principal Consultant, you will represent Surefire Cyber as a skilled technical forensic and consulting expert for clients across diverse industries during active incident response engagements. Leveraging your extensive experience and technical skills, you will play a pivotal role in detecting and analyzing intrusions, offering clear guidance to clients navigating high‑pressure response situations, and providing after‑hours support as needed. Your Role In Action Demonstrate genuine curiosity, a commitment to continuous learning, and contribute valuable insights to support the team’s knowledge growth. Forensically lead incident response engagements, working with other team members to guide clients through the entire incident response lifecycle from detection to recovery. Conduct advanced forensic analysis to identify the scope and impact of security incidents meticulously and precisely, including malware analysis and reverse engineering when necessary. Independently manage investigations ranging in size and complexity such as Business Email Compromises and Ransomware engagements. Provide career development for a Forensic team consisting of 3‑4 Consultants/Senior Consultants, by investing in their professional development, conducting regular one‑on‑one conversations and providing guidance and recommendations on training opportunities. Identify, articulate, and explain attack vectors, threat tactics, and attacker techniques to guide mitigation and prevention efforts. Convey complex forensic findings to technical and non‑technical stakeholders clearly and understandably. Provide comprehensive supporting evidence for written reports detailing incident findings and analysis. Review, provide well‑thought‑out input, and provide guidance to other team members on forensic reports. Collaborate with internal teams, external partners, and clients to refine and document incident response processes and best practices. Spearhead research and development activities to stay up to date with the latest forensic tools, techniques, and methodologies. Contribute to the development of internal processes and support broader organizational initiatives. Provide after‑hours (on‑call/weekend rotational) support as required to address critical incidents and maintain continuous coverage. Your Expertise Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, related degree, industry certifications, or former professional experience as a Senior or Principal Forensic Consultant, Senior or Principal Cybersecurity Consultant, or as a Senior or Principal Incident Responder. Hold industry certifications or showcase equivalent professional experience as a Principal Consultant, highlighting a profound mastery of Digital Forensics and Incident Response. Previous experience in leading the forensic workstreams and teams ranging from 3‑4 in size on complex investigations. Demonstrate advanced proficiency in utilizing common digital forensic artifacts and tools such as ELK, Axiom, Encase, FTK (Forensic Toolkit), Open‑Source, or comparable industry‑standard tools. Showcase professional experience in the effective use of network analysis and intrusion detection tools, exemplifying a deep understanding of their application in cybersecurity. Possess in‑depth knowledge of cybersecurity principles and best practices, underlining a comprehensive understanding of the intricacies of the cybersecurity landscape. Exhibit excellent problem‑solving skills and meticulous attention to detail, displaying an ability to navigate complex challenges with precision and thoroughness. Demonstrate the ability to work effectively under pressure, manage multiple competing priorities, and consistently meet tight deadlines, reflecting resilience and efficiency in high‑stakes scenarios. Display exceptional communication skills, both written and verbal, ensuring the ability to convey complex technical information clearly and comprehensively. Express eagerness to mentor, share knowledge, and actively contribute to the expansion of the team’s expertise, fostering a collaborative and growth‑oriented environment. Exhibit the capability to provide after‑hours (on‑call/weekend rotational) support as required, demonstrating a commitment to addressing critical incidents promptly and maintaining continuous coverage. Benefits for Full‑Time Surefire Cyber Team Members Competitive compensation plan and total rewards package for team members Generous paid time off plan and floating holidays Paid parental leave Employer paid premiums for both team members and their dependents for medical, dental, and vision Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits. Professional development and career advancement opportunities We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth. Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy‑related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances. #J-18808-Ljbffr