Principal Consultant

 

Description:

This role is client-facing and requires the Principal Consultant to lead and produce deliverables based on reactive services client engagements. The Principal Consultant will work directly with multiple customers and key stakeholders (Admins, C-Suite, etc) to manage incident response engagements and provide guidance on longer term remediation. Furthermore the Principal Consultant will act as a mentor and goto person to build up and strengthen our DFIR Service. Speaking at a conference, taking part in a Panel or representing Unit42 in any other ways are also part of the role.

Your Impact As a Principal Consultant
 

  • Perform and lead reactive incident response functions including but not limited to: host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
  • Examine log sources such as cloud provider platform native logs such as Microsoft M365, Microsoft Azure, Google Cloud, Google Workspaces and AWS.
  • Investigate cloud security incidents using one of the following: Palo Alto Networks Prisma Cloud, Microsoft Defender, AWS Guard Duty, AWS CloudTrail, AWS CloudWatch.
  • Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom Palo Alto Networks investigation tools to determine source of compromises and malicious activity that occurred in client environments.
  • Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations.
  • Ability to perform travel requirements as needed to meet business demands (on average 20%).
  • Mentorship of team members in incident response and forensics best practices.
     

Qualifications

Your experience
 

  • 6+ years of incident response or digital forensics consulting experience with a passion for cyber security
  • Strong leadership skills including experience managing a team or individuals
  • Experience with leading complicated engagements including scoping, interfacing with the client, and have executed on a technical front
  • Proficient with host-based forensics, cloud-based forensics and data breach response.
  • Proficient with querying data sources such as logging platforms and databases (e.g. SQL, Splunk, Log Analytics Workspaces, XSIAM/XDR)
  • Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools.
  • Cloud consulting and/or cloud incident response experience required.
  • Incident response consulting experience required
  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field

Organization Palo Alto Networks
Industry Consultant Jobs
Occupational Category Principal Consultant
Job Location Doha,Qatar
Shift Type Morning
Job Type Full Time
Gender No Preference
Career Level Intermediate
Experience 6 Years
Posted at 2023-11-16 7:21 am
Expires on 2025-01-22