Required Principal Consultant, Reactive Services, DFIR (Unit 42)
Your Career
This role is client-facing and requires the Principal Consultant to lead and produce deliverables based on reactive services client engagements. The Principal Consultant will work directly with multiple customers and key stakeholders (Admins, C-Suite, etc) to manage incident response engagements and provide guidance on longer term remediation.
Your Impact
Perform reactive incident response functions including but not limited to - host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
Examine firewall, web, database, and other log sources to identify evidence of malicious activity
Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom Crypsis investigation tools to determine source of compromises and malicious activity that occurred in client environments
Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations
Ability to perform travel requirements as needed to meet business demands (on average 20%)
Mentorship of team members in incident response and forensics best practices.
Requirements: 8+ years of incident response or digital forensics consulting experience with a passion for cyber security
Strong leadership skills including experience managing a team or individuals
Experience with leading complicated engagements including scoping, interfacing with the client, and have executed on a technical front
Proficient with host-based forensics and data breach response
Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools
Incident response consulting experience required
Identified ability to grow into a valuable contributor to the practice and, specifically
have an external presence via public speaking, conferences, and/or publications
Have credibility, executive presence, and gravitas
Able to have a meaningful and rapid delivery contribution
Have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
Collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
Bachelors Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field or equivalent military experience required.
This position is open to all candidates.