DFIR Consultant​/Senior DFIR Consultant - Remote; U.S

Position: DFIR Consultant / Senior DFIR Consultant - Remote (Anywhere in the U.S.) DFIR Consultant / Senior DFIR Consultant – Remote (Anywhere in the U.S.) Job Overview GuidePoint Security’s Digital Forensics & Incident Response Practice (DFIR) provides comprehensive incident response services across various sectors. Key practice areas include: • Reactive Incident Response Investigations • Forensic Investigations • Proactive Threat Discovery & Threat Hunting • Purple Team Exercises (Blue Team in collaboration with GuidePoint Red Team) Responsibilities • Operate as a technical resource and participate in DFIR investigations. • Communicate effectively, manage time, and collaborate with peers. • Author comprehensive engagement deliverables tailored to technical and managerial audiences, detailing findings, recommendations, and remediation strategies. • Foster client relationships through support and guidance. • Utilize automation, orchestration, and scripting to reduce manual processes and enable new capabilities. • Contribute to integration of open‑source and commercial tools to improve DFIR processes and procedures. • Perpetually strengthen relevant skills and knowledge to stay at the forefront of the information security industry. • Maintain a strong desire to learn, adapt, and improve within a rapidly‑growing company. • Perform other duties as assigned. Qualifications • Two (2+) years of experience performing incident response investigations (DFIR Consultant). • Four (4+) combined years of IT and information security experience. • Four (4+) years of experience performing incident response investigations (Senior DFIR Consultant). • Six (6+) combined years of IT and information security experience. Preferred Qualifications • Prior experience in a Consulting Services role. • Experience with DFIR methodology and process. • Core capabilities: network traffic analysis, host forensics, malware handling/triage, log review, BEC analysis. • Experience with industry‑related solutions including EDR, NDR, XDR, SIEM, firewall, NGAV, Velociraptor, and others. • Experience with common programming languages: Power Shell, Python, BASH, Go, or others. • Experience with cloud technologies: AWS, G Suite, M365, Azure. • Awareness of attacker techniques, advanced threat groups, and integration of intelligence into an investigation. • Relevant certifications: CISSP, GCIA, GCIH, GDAT, GCFE, GFCA, etc. Benefits • Remote workforce (U.S. based). • Group medical and dental insurance with heavy employer contributions. • 12 corporate holidays and Flexible Time Off program. • Health mobile phone and home internet allowance. • Pet benefit option. • Eligibility for retirement plan after 2 months. • Other perks as described. #J-18808-Ljbffr Apply tot his job