Digital Forensics & Incident Response (DFIR) Consultant
NextGen | GTA: A Kelly Telecom Company - White Plains, NY
Job Description
About the Role

A leading cybersecurity consulting organization is seeking a Digital Forensics & Incident Response (DFIR) Consultant with 3-4 years of experience in cybersecurity. This role involves investigating cybersecurity incidents, advising clients on security best practices, and responding to ransomware, business email compromise, network intrusions, social engineering attacks, and advanced persistent threats.

This position requires technical expertise, investigative skills, and the ability to act as a trusted authority for enterprise clients. The consultant will work in a fast-paced, 24/7 environment supporting clients primarily in the Americas.

Key Responsibilities

Incident Response & Digital Forensics
- Lead and assist in investigations related to ransomware, phishing, system intrusions, and cloud security incidents.
- Conduct threat hunting to identify security breaches.
- Investigate external threat actors, including financially motivated cybercriminals.
- Perform forensic analysis on Windows, macOS, and Linux systems.
- Investigate cloud-based attacks in AWS, O365, Azure, and GCP.
- Utilize forensic tools such as EnCase, FTK, X-Ways, and endpoint detection tools like CrowdStrike and Microsoft Defender.

Client Engagement & Advisory
- Serve as a trusted cybersecurity advisor, ensuring clients receive expert guidance.
- Provide clear, detailed updates to clients during active investigations.
- Work within strict service level agreements (SLAs), responding to incidents promptly.

Methodology & Process Development
- Develop and execute incident response methodologies for threats like Business Email Compromise (BEC) and network intrusions.
- Use Splunk and other SIEM tools for forensic log analysis.
- Manage client expectations while delivering timely and accurate reports.

Qualifications & Experience

Required:
- 3-4+ years of experience in Cybersecurity, with a focus on Digital Forensics and Incident Response (DFIR).
- Expertise in investigating external threat actors and financially motivated cybercrime.
- Hands-on experience with cloud environments (AWS, O365, Azure, GCP).
- Proficiency in Python, PowerShell, and forensic investigation tools.
- Strong communication skills, with the ability to clearly articulate investigative methodologies.
- Experience working in high-pressure, 24/7 environments with a focus on incident response and digital forensics.

What you need to know about us

We are Connectors. We thrive on 'quality over quantity' and put in the work building strong relationships. We create connections, discover qualities, uncover skills, and place people with accuracy. We are your true partner!

We are Collaborators. You'll be working with a wholly-owned subsidiary of Kelly and part of the Kelly Telecom division. It allows us to be as nimble and fiercely competitive as a startup while having the backing of a multibillion-dollar publicly traded company which has been in business for 75 years. With direct access to hiring managers, services don't stop at standard recruiting processes. We use our expertise to improve your application skills and provide ongoing career support.

We give 24/7 Support. We are in this together. We provide around-the-clock availability, competitive employee benefits, and continuously check in to make sure things are going smoothly. Check out our Glassdoor page!
Created: 2025-03-03