Senior Consultant – Cyber Incident Response

About the role

As a Senior Incident Response Consultant you will lead high‑stakes investigations and proactive threat‑hunting engagements for enterprise clients. You will act as the technical authority, guiding customers through complex cyber incidents, developing remediation strategies, and mentoring junior team members.

Key responsibilities

• Lead end‑to‑end incident response engagements, from scoping and triage to containment, eradication, recovery and post‑incident review.
• Perform advanced forensic analysis on Windows, Linux, macOS endpoints and cloud environments (Azure, AWS, GCP) to uncover attacker TTPs and scope of compromise.
• Conduct static and dynamic malware analysis and analyze network traffic (packet captures, NetFlow, proxy/firewall logs) to reconstruct attack timelines.
• Maintain expert‑level proficiency with IR and forensic tools such as X‑Ways, EnCase, Axiom, Velociraptor, Splunk and the ELK Stack.
• Author clear technical and executive‑level reports with findings, impact assessments and actionable recommendations.
• Mentor junior consultants, contribute to IR playbooks, SOPs and automation scripts.
• Serve as a subject‑matter expert advising clients on strategic cybersecurity posture improvements.

Required profile

• Bachelor’s degree in Computer Science, Cybersecurity or a related technical field.
• 6‑8+ years of hands‑on incident response experience leading complex investigations for enterprise‑level organizations.
• Relevant certification (GCIH, GCFA, GNFA, ECIH or equivalent).
• Proven expertise in forensic acquisition and analysis of enterprise IT systems, servers and cloud infrastructures.
• Strong leadership, communication and client‑facing abilities.

Required skills

• Windows, Linux, macOS internals and artifact analysis.
• Azure, AWS, GCP cloud environments.
• Forensic tools: X‑Ways, EnCase, Axiom, Velociraptor.
• SIEM and log analysis: Splunk, ELK Stack.
• Scripting/automation: Python, PowerShell, Bash.
• Network traffic analysis and MITRE ATT&CK framework.
• Static and dynamic malware analysis.