DFIR Senior Cybersecurity Consultant (Remote)
The role of the Sr. Consultant at PNG Cyber involves conducting forensics work for all investigative cases assigned to the team and serving as the lead incident investigator overseeing cyber investigations. This consists of collecting and analyzing data, documenting the analysis processes and procedures, and updating the case manager on the analysis results for inclusion in client updates and reports. The Sr. Consultant must be capable of determining how a system or network was impacted during a cyber incident. The Sr. Consultant must be agile and able to multitask and switch focus regularly in a rapidly changing environment. In addition, the Sr. Consultant is expected to work towards technical excellence in at least one aspect of the job, such as forensics, tools, analysis, etc., and serve as a technical resource and mentor to the more junior members of the team.
Job Description:
Actively participate and lead forensic analysis during Incident Response and digital forensics engagements concerning ransomware, business email compromises, litigation support, and other cyber incidents.
Must be customer-service oriented and dedicated to resolving issues effectively and efficiently. Demonstrate the ability to listen to and understand the client's needs and communicate findings in a digestible format.
High-availability and responsiveness to deadlines.
Communicate and engage with threat actors to resolve cybersecurity incidents.
Take part in creating, developing, and introducing modern forensic techniques or solutions.
Collaborate with the team to ensure that forensics processes and procedures adhere to industry standards.
Ongoing self-development and training in best practices for incident response and computer forensics to attain technical and leadership excellence.
Produce high-quality technical reports. Conduct a thorough review of the report, focusing on grammar, spelling, formatting, and professionalism.
Qualifications and Required/Preferred Experience:
A Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Security, or other related fields is preferred, but not required.
3 to 7 years of relevant experience with a proven track record in leading data analysis related to ransomware, business email compromise, litigation support, and other cyber incidents.
Although we strive to promote a healthy work-life balance, Incident Response often requires sporadic and unpredictable work hours. Weekend and non-traditional work hours are necessary for the position.
Professional certifications such as GCFE, GCFA, GCIH, GNFA, GASF, CISSP, and other relevant certifications are preferred.
Extensive knowledge and experience utilizing forensic tools, software, and methodologies.
Proficiency in scripting languages (C, C++, Visual Basic, Python, PowerShell, and bash scripting) is desirable, but not required.
Working on internal projects such as coding, scripting, documentation, and creating tools related to innovation and automation.
Assist with EDR deployment, monitoring, and triage collection.