Principal DFIR Consultant

🕒 May 19

🇺🇸 United States – Remote

💵 $122.3k - $269.5k / year

⏰ Full Time

🔴 Lead

💼 Consultant

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Tokio Marine HCC

WebsiteLinkedInAll Job Openings

1001 - 5000 employees

🤝 B2B

💸 Finance

B2B • Finance

Tokio Marine HCC is a global specialty insurance and reinsurance group that underwrites more than 100 classes of specialty insurance across 180+ countries. The company offers a wide range of commercial products—including accident & health, aviation, casualty, cyber & tech, energy, marine, travel, crop, and transactional risk—serving brokers, enterprises, and program partners. With strong financial ratings (AM Best A++ / Fitch AA- / S&P A+) and a multi-billion dollar premium base, Tokio Marine HCC combines underwriting expertise, program management, and claims services as part of the Tokio Marine Group.

📋 Description

• Provide critical technical expertise in digital forensics and incident response for TMHCC insureds • Conduct forensic analysis, support containment and recovery, and help insureds understand the scope and impact of cyber incidents • Analyze logs, network data, and systems artifacts, working collaboratively with senior responders to resolve active incidents and prevent recurrence • Support the recruitment and development of a high-performing DFIR team • Act as the “Incident Commander” for insureds or their representatives during cyber incidents, providing clear communication, recovery direction, and/or updates on investigation progress • Lead incident response activities during cyber security breaches, including initial triage, threat assessment, containment, eradication, and recovery phases • Develop and maintain comprehensive incident response plans aligned with industry best practices • Conduct post-incident analysis to identify root causes and implement preventive measures to mitigate future risks • Provide expert technical guidance on digital forensics methodologies, evidence collection, analysis, and reporting • Identify new business opportunities and contribute to strategies to expand the DFIR service offerings

🎯 Requirements

• Minimum 4 year / bachelor’s degree in cyber security, Computer Science, Information Technology related degree or relevant professional work experience • 5 years former professional experience in leading and managing DFIR team and managing active cybersecurity engagements, including incident response, digital forensics investigations and working with insureds / clients and legal counsel • Advanced degrees or certifications (CISSP, CISM, GCFE, GCFA, GREM, GBFA, GCIH, CFCE, CCE) are a plus • 2 years prior people management or team leadership roles • Experience in conducting security investigations in Linux and Windows environments • Understanding of cloud platforms and security considerations within AWS (Amazon Web Services), Azure, Microsoft 365, and GCP (Google Cloud Platform) • Knowledge of digital forensic artifacts and tools such as ELK, Axiom, Encase, X-Ways, SIFT, FTK (Forensic Tool Kit), Volatility, or Open-Source tools • Experience in Digital Forensics, Network Forensics, Memory Forensics, and/or Malware Analysis • Scripting skills (PowerShell, Bash, Python, Go) • Experience with EDR solutions (Defender, SentinelOne, CrowdStrike) • Strong understanding of legal and regulatory frameworks related to cyber security investigations such as PCI, NIST CSF, or other industry-specific regulations • Excellent communication and presentation skills to clearly and concisely communicate complex technical findings to clients and stakeholders • Strong leadership abilities to motivate and mentor team members • Superior organizational and analytical skills; demonstrated ability to manage multiple tasks simultaneously • Knowledgeable of industry changes, legal updates, and technical developments related to applicable area of the Company’s business to proactively respond to changing business environment • Advanced proficiency and experience using Microsoft Office package (Excel, Access, PowerPoint, Word)

🏖️ Benefits

• subsidized medical, prescription, dental, vision and basic life and disability insurance • employee assistance program • paid parental leave • 401(k) plan with Company matching contributions • educational/loan assistance • at least 20 days of PTO, prorated • approximately 11 paid holidays • one paid volunteer day • two paid floating holidays