Senior Consultant - Digital Forensics Incidence Response (DFIR)

Advantage Resourcing

Job Description

Full Time Permanent Opportunity with a growing Cyber Security Consulting firm. 100% remote.

This position is for a Senior Consultant role on our DFIR team. Your primary role will be leading a team helping customers prepare for and respond to computer security breaches and will need to be prepared to work with both small and large organizations of varying levels of technical maturity. The teams work is a mix of onsite breach investigations, remote analysis, running table top exercises and attack simulations, testing detection and response tools and implementations and assisting in the writing of Incident Response Plans. 

Experience Requirements, the ideal applicant will:

Have several years of experience in digital forensics and/or incident response.
Is happy to work independently, and get engaged in online chats with a globally distributed team.
Have experience with investigating compromises involving large enterprise environments, web applications and credit card processing environments.
Experience with forensic tools, you will have access to Encase, W-ways, Axiom, Carbon Black and Cyber Reason along with whatever open source tools you prefer and other commercial tools.

Skill Requirements

Must be fluent in English, both written and spoken.  
Be a fast and lifelong learner
Be comfortable chasing malware through systems and familiar with persistence mechanisms, injection methods and detection/evasion techniques.
Ability to foster and develop strong client relationships.
Be able to decode base64 in their head and write a python script before breakfast.
Knowledge of key forensic artifacts in both Windows and *Nix systems. Be able to articulate their significance to an investigation.
Experience with scripting in Perl/Python/Ruby very desirable.
Experience with both desktop-based and server-based forensics.
Comfortable working in a *nix environment.

Bonus experience
Contributions to the DFIR community, Blog, twitter, git repos.
Conference presentations.
Penetration testing experience.
Knowledge of and demonstrable experience with a wide range of different attack tools.
Application testing skills.
Reverse engineering skills.

Other Requirements

Demonstrated leadership experience
Strong report writing skills 
Strong communications skills


About Advantage Resourcing

Advantage Resourcing is committed to providing equal employment opportunity for all persons regardless of race, color, religion (including religious dress and grooming practices), sex, sexual orientation, gender, gender identity, gender expression, age, marital status, national origin, ancestry, citizenship status, pregnancy, medical condition, genetic information, mental and physical disability, political affiliation, union membership, status as a parent, military or veteran status or other non-merit based factors. We will provide reasonable accommodations throughout the application, interviewing and employment process. If you require a reasonable accommodation, contact us. Advantage Resourcing is an E-Verify employer. This policy is applicable to all phases of the employment relationship, including hiring, transfers, promotions, training, terminations, working conditions, compensation, benefits, and other terms and conditions of employment.

All employees are directed to familiarize themselves with this policy and to act in accordance with it. All decisions with respect to employment matters and other phases of employer-temporary employee relationships will be in keeping with this policy and in accordance with all applicable laws and regulations.

Job Requirements