Principal Consultant, DFIR, Reactive Services – Weekend Shift

🔥 0 minutes ago

🏄 California – Remote

🏄 California – Remote

💵 $151k - $208k / year

⏰ Full Time

🔴 Lead

💻 Frontend Engineer / Web Developer

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Palo Alto Networks

WebsiteLinkedInAll Job Openings

10,000+ employees

🔒 Cybersecurity

🏢 Enterprise

💰 $1M Seed Round - Morta Security on 2013-02

Cybersecurity • Enterprise

Palo Alto Networks is a global cybersecurity company that provides AI-driven platforms, products, and services to protect networks, cloud workloads, endpoints, and applications. Its portfolio includes next-generation firewalls, SASE and Prisma Cloud (CNAPP) offerings, the Cortex security operations suite (XDR, XSOAR, XSIAM), and Unit 42 threat intelligence and incident response services. Palo Alto Networks helps enterprises secure AI deployments, automate SOC workflows, and prevent, detect, and respond to sophisticated threats across hybrid and multi-cloud environments.

📋 Description

• Lead digital forensics and incident response investigations across enterprise environments • Serve as a technical lead on incident response engagements • Conduct host, network, and cloud investigations to identify root cause, attacker activity, and scope of compromise • Perform forensic acquisition and analysis of systems, memory, logs, and endpoint telemetry • Utilize industry-standard DFIR tools and methodologies to support incident containment and recovery • Deliver clear findings and remediation guidance to clients and stakeholders • Support development of DFIR playbooks, tools, and investigative methodologies • Mentor team members and contribute to knowledge sharing across Unit 42

🎯 Requirements

• Bachelor's degree or equivalent practical experience • 6–8+ years of experience in DFIR, incident response, security operations, or related cybersecurity disciplines • Experience investigating ransomware, intrusion activity, and other enterprise-scale security incidents • Strong understanding of forensic acquisition, evidence handling, and investigative methodologies • Hands-on experience with DFIR tools such as EnCase, FTK, SleuthKit, Volatility, or equivalent frameworks • Experience investigating Windows, Linux, and macOS environments • Strong analytical, problem-solving, and client-facing communication skills

🏖️ Benefits

• Restricted stock units • Bonus