Principal Consultant, DFIR


September 9


Palo Alto Networks

Cybersecurity • Enterprise • AI

Palo Alto Networks is a leading cybersecurity company that offers a comprehensive suite of products and services designed to protect networks, cloud environments, and enterprise operations from cyber threats. The company's offerings include advanced threat prevention, network security, cloud security, IoT security, endpoint protection, and managed detection and response services. With a strong emphasis on AI-driven security operations and zero trust architectures, Palo Alto Networks is recognized as a leader in enterprise firewall solutions and other areas of cybersecurity across numerous sectors worldwide. The company provides expertise in threat intelligence, incident response, and proactive assessment to help organizations secure their infrastructure and data. Their solutions cater to a variety of industries, including financial services, healthcare, manufacturing, and the public sector. Palo Alto Networks is committed to advancing cybersecurity with AI-powered precision to ensure comprehensive protection and efficient threat response.

10,000+ employees

Founded 2005

🔒 Cybersecurity

🏢 Enterprise

💰 $10M Series C on 2008-11

📋 Description

• Lead and produce deliverables for reactive services client engagements (incident response/DFIR)
• Work directly with multiple customers and stakeholders (Admins, C‑Suite) to manage incident response engagements
• Perform reactive incident response functions including host-based analysis on Windows, Linux, and Mac systems to identify IOCs
• Examine firewall, web, database, and other log sources to identify evidence of malicious activity
• Investigate data breaches leveraging forensics tools (EnCase, FTK, X‑Ways, SIFT, Splunk, custom tools) to determine source of compromise
• Manage engagements to scope work, guide clients through investigations, contain incidents, and provide remediation recommendations
• Mentor team members in incident response and forensics best practices
• Weekend work schedule Friday–Monday (10 hr days/40 hr week) and ability to travel ~20% as needed

🎯 Requirements

• 8+ years of incident response or digital forensics consulting experience
• Strong leadership skills including experience managing a team or individuals
• Experience leading complicated engagements including scoping and client interfacing
• Proficient with host-based forensics and data breach response (Windows, Linux, Mac OS X)
• Experience with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, Wireshark, TCPDump, and open source forensic tools
• Incident response consulting experience required
• Ability to perform travel requirements as needed (on average 20%)
• Mentorship experience in incident response and forensics best practices
• Identified ability to contribute externally via public speaking, conferences, and/or publications
• Bachelor's Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field or equivalent military experience required
• Eligibility for UK Security Check (SC) Clearance: spent the last five years in the UK and British citizenship required

🏖️ Benefits

• FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees
• Mental and financial health resources
• Personalized learning opportunities
• Development and personal wellbeing programs
• Reasonable accommodations for all qualified individuals with a disability
• Inclusive equal opportunity employment practices
