CAREERS
DFIR Senior Cybersecurity Consultant I, II, III​ (Remote)
The role of the Sr. Consultant at PNG Cyber is to perform advanced forensics work for all investigative cases assigned to the team and to be a lead incident investigator overseeing technical investigations. This includes working with system event logs, triaging image artifacts, collecting data and creating legible analysis notes, and funneling data up to their case manager for inclusion in client updates and reports. The Sr. Consultant must be capable of determining how a computer was compromised, how a computer crime was committed and must be capable of recovering lost, deleted, damaged or otherwise manipulated files and artifacts from a computer system. The Sr. Consultant must be agile and able to both multitask and switch focus regularly in a rapidly changing environment. In addition, the Sr. Consultant is expected to be working towards technical excellence in at least one aspect of the job – such as forensics, tools, analysis, etc. as well as to serve as a technical resource and mentor to the more junior members of the team.
​
Job Description:
-
Take an active part in Incidence Response and Digital Forensics related to ransomware, network breaches and unauthorized access of data, Business Email Compromises (BEC), IP theft, workplace & employment issues related investigations
-
Excellent customer service with clients is integral to the role including clear, efficient communication throughout the project lifecycle and the ability to listen and understand the needs of the client and to communicate findings to your case manager
-
High-availability and responsiveness to deadlines
-
Ability to triage multiple cases simultaneously
-
Negotiate and engage with attackers/threat actors to resolve cybersecurity incidents
-
Take part in the creation, development and introduction of modern forensic techniques or solutions
-
Continuous self-development and training regarding best practices in incident response and computer forensics to achieve technical excellence
-
Perform audits of computer systems and networks
-
Produce quality, written technical reports
​
Qualifications and Required/Preferred Experience
-
A Bachelor’s/Master’s degree in Cyber Security, Computer Science, Information Security, or other related fields is preferred
-
3-7 years of relevant experience described above
-
Prior experience in consulting and interacting with customers/clients in the private sector is a plus.
-
Professional certifications: CompTIA, SANS, EnCE, CISSP, CEH, OSCP and any other relevant security certifications are desirable
-
Familiarity with Windows, Linux, Mac, and UNIX systems
-
Ability to extract logs and artifacts from the operating systems described above
-
Experience operating with the O365 framework at Microsoft
-
Collect and triage images of systems in a remote environment
-
An understanding of encryption methods/algorithms and communication protocols
-
Ability to work with industry standard forensic tools
-
Ability to work with clients remotely to assist with running tools in their environment
-
Proficient in scripting languages: C, C++, Visual Basic, Python, PowerShell, bash scripting are desirable
-
Working internal projects such as coding, scripting, documentation and creating internal tools related to innovation and automation
-
Assist with EDR product deployment (staging, installation, configuration)