Principal Consultant, DFIR, Reactive Services

This is a fully remote position, open to applicants in Brazil.

📋 Description

• Oversee and direct incident response engagements, which involve defining project scope, guiding clients during forensic investigations, and managing the containment of security incidents.

• Conduct reactive incident response and perform host-based analysis across Windows, Linux, and Mac OS X systems to detect Indicators of Compromise (IOCs).

• Analyze firewall, web, database, and various log sources to uncover evidence of malicious activities and potential attack vectors.

• Investigate data breaches utilizing forensic tools such as EnCase, FTK, X-Ways, SIFT, and Splunk to ascertain the origin and extent of compromises.

• Deliver clear, actionable recommendations to clients aimed at long-term remediation and enhancement of their security posture.

• Collaborate with internal teams and external partners to ensure alignment and provide comprehensive solutions.

• Serve as a mentor for junior team members, imparting knowledge on incident response and best practices in digital forensics.

⛳️ Requirements

• A bachelor's degree with 8 years of relevant experience, a master's degree with 6 years of experience, or a PhD with 3 years of experience in Information Security, Computer Science, Digital Forensics, or a related discipline.

• Proficiency in English and Spanish is required, with Portuguese being an advantage.

• Proven experience in incident response or digital forensics consulting.

• Expertise in host-based forensics and methodologies for responding to data breaches.

• Practical experience with forensic tools such as EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, or WireShark.

• Willingness to travel as required to support business needs, with an average travel expectation of up to 20%.

🏝️ Benefits

• Health insurance

• Retirement plans

• Paid time off

• Flexible work arrangements

• Professional development