Surefire Cyber Inc. logo
Surefire Cyber Inc.

From Response to Resilience.

Principal Consultant, Digital Forensic and Incident Response

ConsultantConsultantFull TimeRemoteLeadTeam 11-50H1B No SponsorCompany SiteLinkedIn

Location

United States

Posted

2 days ago

Salary

$100K - $160K / year

Seniority

Lead

Bachelor DegreeEnglishCyber Security

Job Description

Principal Consultant, Digital Forensic and Incident Response

Surefire Cyber Inc.

• Represent Surefire Cyber as a skilled technical forensic and consulting expert for clients across diverse industries during active incident response engagements. • Leverage extensive experience and technical skills to play a pivotal role in detecting and analyzing intrusions, offering clear guidance to clients navigating high-pressure response situations, and providing after-hours support as needed. • Demonstrate genuine curiosity, a commitment to continuous learning, and contribute valuable insights to support the team's knowledge growth. • Forensically lead incident response engagements, working with other team members to guide clients through the entire incident response lifecycle from detection to recovery. • Conduct advanced forensic analysis to identify the scope and impact of security incidents meticulously and precisely, including malware analysis and reverse engineering when necessary. • Independently manage investigations ranging in size and complexity such as Business Email Compromises and Ransomware engagements. • Provide career development for a Forensic team consisting of 3-4 Consultants/Senior Consultants, by investing in their professional development conducting regular one-on-one conversations and providing guidance and recommendations on training opportunities. • Identify, articulate, and explain attack vectors, threat tactics, and attacker techniques to guide mitigation and prevention efforts. • Convey complex forensic findings to technical and non-technical stakeholders clearly and understandably. • Provide comprehensive supporting evidence for written reports detailing incident findings, and analysis. • Review, provide well thought out input, and provide guidance to other team members on forensic reports. • Collaborate with internal teams, external partners, and clients to refine and document incident response processes and best practices. • Spearhead research and development activities to stay up to date with the latest forensic tools, techniques, and methodologies. • Contribute to the development of internal processes and support broader organizational initiatives. • Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Job Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, related degree
  • Hold industry certifications or showcase equivalent professional experience as a Principal Consultant, highlighting a profound mastery of Digital Forensics and Incident Response.
  • Previous experience in leading the forensic workstreams and teams ranging from 3-4 in size on complex investigations.
  • Demonstrate advanced proficiency in utilizing common digital forensic artifacts and tools such as ELK, Axiom, Encase, FTK (Forensic Toolkit), Open-Source, or comparable industry-standard tools.
  • Showcase professional experience in the effective use of network analysis and intrusion detection tools, exemplifying a deep understanding of their application in cybersecurity.
  • Possess in-depth knowledge of cybersecurity principles and best practices, underlining a comprehensive understanding of the intricacies of the cybersecurity landscape.
  • Exhibit excellent problem-solving skills and meticulous attention to detail, displaying an ability to navigate complex challenges with precision and thoroughness.
  • Demonstrate the ability to work effectively under pressure, manage multiple competing priorities, and consistently meet tight deadlines, reflecting resilience and efficiency in high-stakes scenarios.
  • Display exceptional communication skills, both written and verbal, ensuring the ability to convey complex technical information clearly and comprehensively.
  • Express eagerness to mentor, share knowledge, and actively contribute to the expansion of the team's expertise, fostering a collaborative and growth-oriented environment.
  • Exhibit the capability to provide after-hours (on-call/weekend rotational) support as required, demonstrating a commitment to addressing critical incidents promptly and maintaining continuous coverage.

Benefits

  • Competitive compensation plan and total rewards package for team members
  • Remote workforce
  • Generous paid time off plan and floating holidays
  • Paid parental leave
  • Employer paid premiums for both team members and their dependents for medical, dental, and vision
  • Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits.
  • Professional development and career advancement opportunities
  • We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.

Related Categories

Related Job Pages

More Consultant Jobs

Full TimeRemoteTeam 201-500Since 1996H1B No Sponsor

• Demonstrates the ability to understand a wide range of user requirements and design and develop basic solutions in Appian to meet these requirements. • Exhibits the ability to deliver complex development assignments efficiently and comprehensively. • Demonstrates increasing quality, speed, and overall productivity in their Appian development work.

United States
$65K - $75K / year
Full TimeRemoteTeam 51-200Since 1982H1B No Sponsor

• Conduct client workshops to map processes, identify improvements, and design optimized workflows for Sage X3. • Configure and customize Sage X3 modules using scripting and workflow design to meet client needs. • Manage data mapping, setup, and migration, ensuring accuracy and readiness for go-live. • Lead testing phases (unit, integration, UAT), troubleshoot issues, and ensure smooth ERP deployment. • Create user guides, deliver training, and provide ongoing support to client teams. • Collaborate with project managers and cross-functional teams to manage scope and deliverables. • Mentor junior consultants, review their work, and share knowledge to build team expertise. • Stay updated on Sage X3 advancements and industry best practices through training.

California
$115K - $166K / year
iShare Inc. logo

P2P Transformation Consultant

iShare Inc.

Claim your share of IT Driven Value

Consultant3 days ago
Full TimeRemoteTeam 11-50Since 2017H1B No Sponsor

• Assess current P2P processes and identify transformation opportunities. • Design future-state P2P operating models, policies, and controls. • Lead process improvements across Requisition-to-PO, Invoice-to-Pay, and Vendor Management. • Drive automation and digital transformation initiatives (Coupa, Oracle, AI/RPA). • Analyze P2P KPIs, process bottlenecks, and value-leakage opportunities. • Support stakeholder management, change management, and user adoption. • Develop business cases, transformation roadmaps, and implementation plans. • Ensure compliance with procurement policies, SOX controls, and governance requirements. • Collaborate with sourcing, procurement, AP, finance, and technology teams. • Track benefits realization, cost savings, and operational improvements.

United States
$60 / hour

Role Description We're looking for a Web Security Consultant who can help us build secure websites from the ground up. Security isn't something that should be addressed at the end of a project—it's something that should be considered throughout the entire development lifecycle. We're looking for someone who can help us establish best practices, identify potential risks before they become problems, and create repeatable standards that every project can follow. In this role, you'll work closely with our development team to review websites and web applications, ensure they meet current security standards, and build practical processes that improve consistency across every project. Our web environment is primarily built on WordPress, alongside other modern web technologies. Because of this, strong experience securing WordPress websites, plugins, themes, hosting environments, and deployment workflows is a significant advantage. Beyond identifying vulnerabilities, you'll help create documentation, checklists, and security guidelines that become part of our standard development workflow. Responsibilities - Reviewing websites and web applications to ensure they follow current web security best practices. - Conducting security reviews for WordPress websites and other web applications, identifying platform-specific risks and recommending practical remediation strategies. - Identifying security vulnerabilities and recommending practical remediation strategies. - Performing security reviews throughout the development lifecycle rather than only before launch. - Developing a standardized security checklist that becomes part of every new website project. - Creating internal documentation and security best practices for developers and project teams. - Advising developers on secure coding practices and common web application vulnerabilities. - Helping establish secure deployment, hosting, authentication, and access management standards. - Recommending security best practices for WordPress core updates, plugin management, user permissions, backups, and hosting configurations. - Working with project managers and technical teams to ensure security requirements are incorporated into project planning. - Staying current on evolving security threats, frameworks, and industry standards. - Supporting periodic security audits and continuous improvements across existing client websites. Qualifications - Web application security principles and secure development practices. - Familiarity with the OWASP Top 10 and common web application vulnerabilities. - Security reviews for modern web applications and websites. - Strong experience securing WordPress websites, including themes, plugins, user roles, hosting environments, and update strategies. - Authentication, authorization, session management, and access control best practices. - HTTPS, SSL/TLS, HTTP security headers, and Content Security Policy (CSP). - Security testing tools and vulnerability assessment methodologies. - Experience reviewing websites built with modern CMS platforms and JavaScript frameworks. - Strong documentation skills and experience developing internal standards or technical playbooks. - Excellent communication skills and the ability to explain technical concepts to both technical and non-technical stakeholders. What Success Looks Like - Every new website follows a consistent security review process before launch. - Developers have clear, practical security standards they can apply throughout development. - WordPress projects follow consistent security standards for deployment, maintenance, and ongoing updates. - Common vulnerabilities are identified and addressed early in the project lifecycle. - Internal security documentation and checklists become part of the agency's standard workflow. - Clients can trust that their websites are built according to current security best practices. - The studio continuously improves its security posture as technologies and threats evolve. Bonus Points - Penetration testing or vulnerability assessments. - Cloud hosting platforms such as AWS, Azure, or Google Cloud. - Web application firewalls (WAF) and CDN security. - DevSecOps practices and CI/CD security integration. - Compliance frameworks such as SOC 2, ISO 27001, GDPR, or PCI DSS. - Deep expertise in WordPress security, including hardening, plugin vulnerability management, hosting security, and performance/security best practices. - Shopify, Webflow, headless CMS, or modern JavaScript framework security. - Security automation and monitoring tools. Why Join Invisible Colors? At Invisible Colors, we build digital experiences that clients trust. Most of our web projects are built on WordPress, making security expertise in that ecosystem especially valuable. Security is a critical part of delivering quality work—not an afterthought. You'll help establish the standards and processes that shape how every website is built, giving our developers the tools and guidance they need to deliver secure, reliable solutions from day one. If you're passionate about making security practical, scalable, and integrated into modern web development, we'd love to hear from you.

Canada