Incident Response Principal Consultant

Incident Response Principal Consultant ConsultNet is seeking an Incident Response Principal Consultant to support one of our customers by working closely with their security team to design, implement, and mature enterprise security and incident response capabilities. The ideal candidate is highly technical, collaborative, and experienced in building and improving detection, monitoring, and response solutions across complex environments. Key Responsibilities • Work with the customer to establish a mature insider threat monitoring capability across Windows, Linux, and containerized environments • Develop detection logic within the customer's SIEM solution • Support the migration of detection logic, queries, and visualizations into a new SIEM platform • Improve incident response processes and operational efficiency • Support Tier 1 Security Operations with investigations and response activities • Enhance early detection and mitigation of security risks • Collaborate with stakeholders to address complex security challenges • Assist with monitoring systems that support auditing, incident response, and system health Required Education & Experience • Current (Active) Top Secret Security Clearance with SCI and CI Polygraph. • Bachelor's degree in Computer Science, Engineering, Information Assurance, or a related discipline • Additional experience may substitute for a degree • 10+ years of relevant experience in security operations, incident response, or related roles • Hands-on experience with SIEM solutions such as Splunk, Kibana, or similar tools • Experience with log telemetry structure and logic across Windows, Linux, and containerized environments • Experience migrating schema mappings between SIEM platforms • Demonstrated proficiency with query languages • Experience working with cloud service providers such as AWS, Azure, or Google Cloud • Experience deploying and configuring data collection from operating systems, networking devices, and container platforms • Experience creating dashboards, analytics, and alerts within SIEM tools • Familiarity with the OSINT framework and related tools • U.S. citizenship required to meet eligibility requirements for access to sensitive information Welcome to ConsultNet and the family of companies, Tekne, SaltClick, TechBridge, and OmniMedia. As a premier national provider of technology talent and solutions, our expertise spans across project services, contract-to-hire, direct placement, and managed services both onshore and nearshore. Celebrating more than 25 years of partnership with a diverse client base, we've crafted rewarding opportunities for our consultants, fostering high-performing teams that deliver impactful results. Over the last few years thousands of consultants have found their calling with us in roles that have made a meaningful impact on their lives, enhanced their career, challenged them, and propelled them towards achieving their personal and professional goals. At the ConsultNet family of companies, we believe effective communication is crucial in aligning the right job with your unique skills and professional aspirations. To us, it's all about the personal approach we take and the values we uphold. Our comprehensive service offerings cover a wide range of technology positions across key markets nationwide. Client more at . We champion equality and inclusivity, proudly supporting an Equal Opportunity Employer policy. We welcome applicants regardless of Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other status protected by law. Apply tot his job