Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Incident Response Consultant

$100.2k - $164.1k

Zurich Insurance Group

This role joins SpearTip, the cybersecurity consulting segment within Zurich Resilience Solutions. Blending cutting-edge technologies, unique skill sets, and proven cyber counterintelligence strategies, SpearTip partners with our clients to protect shareholder value, shield corporate reputations, and enhance long-term profits. We are driven to protect our clients from the ever-changing threat actors and become the gold standard in detecting zero-day vulnerabilities. In this role you make work virtual within the U.S. and extend up to 20% travel.

As a Senior Incident Response Consultant, you will deliver expert incident response and digital forensics services to external clients experiencing cyber security incidents. Leads complex investigations, provides strategic guidance during security breaches, and drives incident containment and recovery efforts. Maintains 75% billable utilization while delivering exceptional client service and building long-term client relationships. The job's core deliverables rely on delivering expert consulting services to external clients during high-stress security incidents. Requires building trust with C-level executives, IT leaders, legal counsel, and insurance partners while managing complex multi-stakeholder relationships during crisis situations.

Key Accountabilities:

  • Lead incident response engagements for external clients, conducting digital forensics investigations, malware analysis, and threat actor attribution to identify scope, impact, and root cause of security incidents.
  • Provide 24/7 on-call emergency response services, rapidly deploying to client sites or remotely connecting to contain active threats, preserve evidence, and minimize business disruption.
  • Conduct comprehensive forensic examinations of compromised systems, networks, and cloud environments using industry-standard tools and methodologies to support client remediation and potential legal proceedings.
  • Deliver executive-level briefings and written reports to clients, translating complex technical findings into business impact assessments and actionable recommendations.
  • Coordinate with client stakeholders including IT teams, legal counsel, insurance carriers, law enforcement, and executive leadership to manage incident response activities and communication strategies.
  • Provide expert guidance on ransomware negotiations, business email compromise investigations, insider threat cases, and advanced persistent threat incidents.
  • Develop and deliver incident response retainer services, conducting proactive readiness assessments, tabletop exercises, and security program evaluations for client organizations.
  • Mentor junior consultants and analysts, providing technical guidance and quality assurance on client deliverables.
  • Maintain detailed case documentation, time tracking, and engagement status reporting to ensure accurate billing and project management.
  • Partner with insurance brokers, managed service providers, and law firms to provide incident response services as part of cyber insurance claims and breach response protocols.
  • Stay current on emerging threats, attack techniques, and forensic methodologies through continuous research and professional development.
  • Contribute to thought leadership initiatives including blog posts, conference presentations, and client education materials.
  • Business Travel, as required (may be extensive during active incidents) as well as extended hours during Active Incidents/24x7 On-call Rotation, flexible scheduling to accommodate client emergencies and time-sensitive investigations, as required.
Additional Business Accountabilities:
  • Develop scopes of work and cost estimates for incident response engagements, ensuring projects are appropriately resourced and profitably delivered.
  • Identify opportunities for expanded client engagements based on investigation findings, security gaps, and client needs.
  • Support business development activities including client presentations, capability demonstrations, and proposal development for new and existing clients.
  • Ensure all client deliverables meet quality standards and are delivered within agreed timelines and budgets.
Basic Qualifications:
  • Bachelors degree and 5 or more years experience in the Information Technology area
    OR
  • Zurich Cybersecurity Technician Apprentice, including Cyber Security Certification and 6 or more years experience in the Information Technology area
    OR
  • High School Diploma or Equivalent and 7 or more years experience in the Information Technology area
    AND
  • MS Office experience
    AND
  • Knowledge of Cyber Security Operations
Preferred Functional/Technical Skills Qualifications:
  • Digital Forensics & Incident Response - Proficiency Level Advanced
  • Threat Intelligence & Malware Analysis - Proficiency Level Intermediate
  • Client Communication & Stakeholder Management - Proficiency Level Advanced
  • Windows/Linux System Forensics - Proficiency Level Advanced
  • Network Forensics & Log Analysis - Proficiency Level Intermediate
  • Cloud Security (Azure/AWS/M365) - Proficiency Level Intermediate
  • Forensic Tool Proficiency (EnCase, FTK, X-Ways, Volatility, etc.) - Proficiency Level Advanced
  • Ransomware & BEC Investigations - Proficiency Level Advanced
  • Report Writing & Executive Communication - Proficiency Level Advanced
  • Project Management - Proficiency Level Intermediate

Your pay at Zurich is based on your role, location, skills, and experience. We follow local laws to ensure fair compensation. You may also be eligible for bonuses and merit increases. If your expectations are above the listed range, we still encourage you to apply-your unique background matters to us. The pay range shown is a national average and may vary by location. The proposed Salary range for this position is $100,200.00 - $164,100.00, with short-term incentive bonus eligibility set at 15%.


We offer competitive pay and comprehensive benefits for employees and their families. [Learn more about Total Rewards here.]

Why Zurich?

At Zurich, we value your ideas and experience. We offer growth, inclusion, and a supportive environment-so you can help shape the future of insurance. Zurich North America is a leader in risk management, with over 150 years of expertise and coverage across 25+ industries, including 90% of the Fortune 500®.

Join us for a brighter future-for yourself and our customers.

Zurich in North America does not discriminate based on race, ethnicity, color, religion, national origin, sex, gender expression, gender identity, genetic information, age, disability, protected veteran status, marital status, sexual orientation, pregnancy or other characteristics protected by applicable law. Equal Opportunity Employer disability/vets.

Zurich complies with 18 U.S. Code § 1033.

Please note: Zurich does not accept unsolicited CVs from agencies. Preferred vendors should use our Recruiting Agency Portal.

Location(s): AM - Missouri Virtual Office, AM - Remote Work (US)
Remote Working: Hybrid
Schedule: Full Time
Employment Sponsorship Offered: No


Linkedin Recruiter Tag: #LI-AW1 #LI-ASSOCIATE #LI-REMOTE
Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the Senior Incident Response Consultant in United States vacancy
  • $100.2k - $164.1k

     ...Senior Incident Response Consultant 133254 This role joins SpearTip, the cybersecurity consulting segment within Zurich Resilience Solutions. Blending cutting-edge technologies, unique skill sets, and proven cyber counterintelligence strategies, SpearTip partners with... 
    Senior
    Full time
    Temporary work
    Apprenticeship
    Local area
    Remote work
    Visa sponsorship
    Flexible hours

    Zurich NA

    Richmond, VA
    4 days ago
  • $90k - $120k

     ...About Surefire Cyber Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber...  ...efficiency, predictability, and transparency Job Title: Senior Consultant, Digital Forensics and Incident Response (DFIR)... 
    Senior
    Remote job
    Full time
    Local area
    Flexible hours
    Weekend work

    Surefire Cyber Inc.

    Remote
    more than 2 months ago
  •  ...breach remediation and cyber-attack first response, we consistently deliver results that...  ...Responsibilities: ~ Engage on behalf of CYPFER in incident response tasks, interacting with various...  ...~ Exhibit strong customer service and consulting skills. ~ Adhere to client and... 
    Suggested
    Remote work
    Weekend work

    CYPFER

    Houston, TX
    21 hours ago
  • $103.7k - $134.2k

     ...Greensboro, NC 2-5 days per week. Technical Summary: The Incident Handler supports the monitoring, investigation, and triage of...  ...Defense Center teams to communicate findings, support incident response processes, and contribute to ongoing security operations and escalation... 
    Suggested
    Full time
    Work experience placement
    Work at office
    Flexible hours
    Shift work
    2 days per week

    Kaiser Permanente

    Greensboro, NC
    3 days ago
  •  ...A leading consulting firm is seeking a Security Operations Lead to oversee SOC functions and manage a team of Analysts and Engineers...  ...of cybersecurity experience with specific expertise in incident response, threat hunting, and SIEM technologies like Splunk and ExtraHop... 
    Senior

    Accenture

    Washington DC
    3 days ago
  •  ...EmergencyMD is seeking a Lead Incident Responder for a potential government client. This role will involve leading incident response operations, managing complex threats, and ensuring compliance with federal cybersecurity frameworks. The candidate must have a Bachelor... 
    Senior

    EmergencyMD

    Washington DC
    4 days ago
  •  ...contract opportunity in Houston, TX. The ideal candidate will have over five years of experience in the security domain, including incident response and threat monitoring. Responsibilities include performing security monitoring, incident response, and determining detection... 
    Senior
    Contract work

    Wavestrong

    New York, NY
    3 days ago
  •  ...Phase2 Technology is seeking a Cyber Incident Response Business Development Senior Manager to lead the growth of our Incident Response business. This role will engage key stakeholders, maintain relationships, and drive the business development process through strategic... 
    Senior

    Phase2 Technology

    Detroit, MI
    4 days ago
  •  ...Booz Allen is seeking a Cyber Incident Response Business Development Senior Manager to drive growth in their incident response business. You will engage with stakeholders and manage strategic partner relationships while contributing to innovative solutions in a dynamic... 
    Senior

    Phase2 Technology

    Crane, IN
    4 days ago
  •  ...Cortek, Inc. is seeking a Senior Analyst-CBRN in Washington, DC, to support the Office of WMD Response and Planning. This position involves coordinating interagency engagements...  ...enhancing foreign capabilities against CBRN incidents. Applicants must have an active Top-Secret... 
    Senior
    Work at office

    CORTEK Inc

    Washington DC
    4 days ago
  •  ...Phase2 Technology is looking for a Cyber Incident Response Business Development Senior Manager to contribute to the growth of its incident response business. In this role, you will engage with key stakeholders and lead efforts to establish and maintain strategic partner... 
    Senior

    Phase2 Technology

    Melbourne, FL
    3 days ago
  •  ...Ernst & Young Oman is seeking a senior Cyber Triage and Forensics Incident Analyst in Tallahassee, Florida. You will be responsible for security incident response, performing digital forensics, and analyzing security incidents. Ideal candidates have at least 5 years of... 
    Senior

    Ernst & Young Oman

    Tallahassee, FL
    3 days ago
  •  ...Phase2 Technology is looking for a Cyber Incident Response Business Development Senior Manager to lead efforts in expanding their incident response business. This role involves engaging with key stakeholders, managing strategic relationships, and driving business development... 
    Senior

    Phase2 Technology

    Topeka, KS
    2 days ago
  •  ...Ernst & Young Oman is seeking a Cyber Triage and Forensics Incident Analyst to be a key member of the security incident response team. The role involves handling security incidents, performing forensic analysis, and coordinating remediation efforts. Ideal candidates should... 
    Senior

    Ernst & Young Oman

    Boston, MA
    4 days ago
  •  ...have four years in casino security or law enforcement and one year in a supervisory role. Your responsibilities include training Security Officers, responding to incidents, and ensuring reports are accurate. Strong communication skills and computer proficiency in Microsoft... 
    Senior
    Work at office
    Local area

    Station Casinos

    Las Vegas, NV
    1 day ago
  • $87.7k - $164k

     ...Ernst & Young Oman is looking for a Cyber Triage and Forensics (CTF) Incident Analyst to join their team in Minneapolis, Minnesota. This role involves leading the technical team in security incident responses while performing digital forensic analysis and malware... 
    Senior

    Ernst & Young Oman

    Minneapolis, MN
    3 days ago
  •  ...Phase2 Technology is on the lookout for a Cyber Incident Response Business Development Senior Manager who will lead the business development efforts in a dynamic and fast-paced environment. The ideal candidate will leverage their extensive experience in sales and incident... 
    Senior

    Phase2 Technology

    Huntsville, AL
    4 days ago
  • $87.7k - $164k

     ...Ernst & Young Oman is seeking a Cyber Triage and Forensics Incident Analyst in Olympia, Washington. In this role, you will be a senior member of the security incident response team, performing forensic analysis and managing security incidents. The ideal candidate will... 
    Senior

    Ernst & Young Oman

    Olympia, WA
    4 days ago
  • To enhance cybersecurity operations, the full-time Senior Cyber Incident Response Engineer will design and automate systems for detecting, investigating, containing, and recovering from incidents while working remotely. Key Responsibilities: Design and improve automated... 
    Senior
    Remote work

    VirtualVocations

    Des Moines, IA
    1 day ago
  •  ...seeking an IT Security Analyst II to enhance its cybersecurity defense team. This role focuses on proactive threat detection and incident response, collaborating with IT and security teams to minimize impact. The ideal candidate has a Bachelor's degree in Computer Science... 
    Senior

    VSE Aviation GmbH

    Florida, NY
    4 days ago
  • $87.7k - $164k

     ...Ernst & Young Oman is seeking a Cyber Triage and Forensics Incident Analyst responsible for security incident response. This role involves investigating and analyzing security incidents, conducting digital forensic analysis, and coordinating responses. Candidates should... 
    Senior

    Ernst & Young Oman

    Topeka, KS
    3 days ago
  • $87.7k - $164k

     ...Ernst & Young Oman is seeking a Cyber Triage and Forensics Incident Analyst in Salem, Oregon. The role involves responding to security...  ...Degree in a relevant field and 5+ years of experience in incident response and digital forensics. This position offers a competitive... 
    Senior

    Ernst & Young Oman

    Salem, OR
    3 days ago
  • $87.7k - $164k

     ...Ernst & Young Oman is seeking a Cyber Triage and Forensics (CTF) Incident Analyst in Honolulu, Hawaii. The role involves responding to...  ...a related field and at least 5 years of experience in incident response. A competitive salary range of $87,700 to $164,000 based on experience... 
    Senior

    Ernst & Young Oman

    Honolulu, HI
    3 days ago
  • $87.7k - $164k

     ...Charleston, West Virginia is seeking a Cyber Triage and Forensics (CTF) Incident Analyst to join their team. This role involves responding to...  ...in a relevant field and 5+ years of experience in incident response or related areas. EY offers an inclusive environment and... 
    Senior

    Ernst & Young Oman

    Charleston, WV
    4 days ago
  • $87.7k - $164k

     ...Ernst & Young Oman is seeking a skilled Cyber Triage and Forensics Analyst to manage security incident responses. This role requires strong problem-solving skills and proficiency in digital forensics and incident management. You will investigate incidents, analyze systems... 
    Senior

    Ernst & Young Oman

    San Francisco, CA
    3 days ago
  • $87.7k - $164k

     ...Ernst & Young Oman is seeking a Cyber Triage and Forensics Incident Analyst in Montgomery, Alabama. In this role, you will be a senior member of the security incident response team, investigating and resolving security incidents. You must possess a Bachelor's or Master... 
    Senior

    Ernst & Young Oman

    Montgomery, AL
    3 days ago
  • $87.7k - $164k

     ...Oman is looking for a Cyber Triage and Forensics Incident Analyst to join its team in Carson City, Nevada. This senior role involves responding to security incidents,...  ...to hunt for threats. The candidate will be responsible for investigating incidents, coordinating response... 
    Senior
    Flexible hours

    Ernst & Young Oman

    Carson City, NV
    3 days ago
  •  ...Ernst & Young Oman is seeking a Cyber Triage and Forensics Incident Analyst in Rochester, NY. This senior role focuses on security incident response, including digital forensic analysis and malware analysis. Candidates should have a Bachelor's or Master's degree and at... 
    Senior
    Flexible hours

    Ernst & Young Oman

    Rochester, NY
    4 days ago
  • $87.7k - $164k

     ...Young Oman is seeking a Cyber Triage and Forensics Incident Analyst in Jefferson City, Missouri. This senior role will involve responding to security incidents...  ...and have over 5 years of experience in incident response and computer forensics. A competitive salary range... 
    Senior
    Flexible hours

    Ernst & Young Oman

    Jefferson City, MO
    3 days ago
  •  ...JOB PURPOSE: The primary purpose of the Compliance Rapid Response Senior Nurse Consultant is to support long-term care centers in achieving and sustaining regulatory compliance by conducting mock surveys, identifying areas of risk, and guiding teams through proactive... 
    Senior

    PruittHealth

    Raleigh, NC
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Incident Response Consultant. Be the first to apply!