Principal Incident Response Consultant
The Crypsis Group is a respected security advisory firm with a vision to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is comprised of recognized experts and incident responders with deep technical expertise and experience in investigations, data breach response, digital forensics and information security. With a highly-successful track record of delivering mission critical cybersecurity solutions, we are experienced in working quickly to provide effective incident response, attack-readiness and remediation plans with a focus on providing long term support to improve our clients’ security posture.
Responsibilities for the Principal Incident Response Security Consultant include:
- Perform reactive incident response functions including but not limited to: host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
- Examine firewall, web, database, and other log sources to identify evidence of malicious activity. (end to end IR cases and investigations while regularly performing host-based analysis).
- Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom Crypsis investigation tools to determine source of compromises and malicious activity that occurred in client environments.
- Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations.
- Ability to perform travel requirements as need to meet business demands (on average 20%).
- Mentor team members in incident response and forensics best practices.
Qualifications for the Principal Incident Response Security Consultant include:
- 6+ years of incident response or digital forensics consulting experience with a passion for cyber security
- Strong leadership skills including experience managing a team or individuals
- Experience with leading complicated engagements including scoping, interfacing with the client, and have executed on a technical front
- Proficient with host-based forensics and data breach response
- Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools
- Incident response consulting experience preferred
- Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field
Compensation for the Principal Incident Response Security Consultant includes:
- Competitive base salary with quarterly bonus plan
- Full Benefits: Competitive salary plus quarterly bonus opportunity
- Company Equity
- Approved Certification and Training Reimbursements
- Open Paid Time Off Policy
- Medical, Dental, and Vision Benefits
- 401K Employer Matching
- Flexible work schedule
FTK, Encase, Host-Based, Consulting, Computer Forensics, Malware, Ransomware, Volatility, Axiom, X-Ways, Cellebrite, Incident Response, CSIRT, Principal, Lead, Digital Forensics, Incident Detection