Senior Security Consultant - Incident Response

  • CGS,
  • San Francisco, CA
Incident Response/Digital Forensics/Windows/Linux/BASH
Full Time
Depends On Experience
Telecommuting available; travel not required

Job Description

CGS Business Solutions is seeking Incident Response Consultants with strong technical skills and an eagerness to lead projects and work with our clients. Principal Security Consultants are a critical element of the growing Incident Response (IR) practice. The Security Consultants must be able to triage an ongoing event, acquire the appropriate evidence for laboratory technicians to analyze, and perform limited immediate analysis onsite in order to assist other responders. Consultants will also be expected to deliver on security engagements outside of the IR practice when available and where skillsets align.

Responsibilities Include:

  • Acting as Technical Lead on Digital Forensics and Incident Response projects
  • Advising investigators on the availability and reliability of digital evidence
  • Working with investigators to acquire digital evidence through onsite & lab searches
  • Conducting examinations of digital evidence and preparing evidence for reporting or trial
  • Conducting interviews and taking statements in relation to computer evidence
  • Managers will also train other investigators and stay up-to-date on current events in the industry
  • Participate in security engagements outside of the IR practice as available and applicable (e.g., web, network, mobile, social engineering, etc. engagements)
  • Focusing on application-layer compromises, deep memory and cloud-level (Azure or AWS) forensics
  • Oversee technical engagements and ensure engagements stay on task within the allotted timeframe
  • Minimum of 5 years of experience in Incident Response, delivering high-level results on first response or analysis engagements
  • SANS DFIR certifications highly desired
  • Court certifications preferred, but not required
  • 4-year degree or equivalent experience required

Essential Competencies:

  • Capable of performing live triage of ongoing incidents
  • Capable of performing network forensics and ability to read packet captures
  • A working knowledge of operating system artifacts for Windows/Linux/Unix/OSX systems
  • Ability to build and troubleshoot live IR and forensics tools
  • Ability to read and write in scripting languages (BASH, PowerShell, Python, PERL, etc.)
  • Ability to identify and suggest remediation for insecure architecture
  • Advanced level experience and capabilities with the Unix/Linux command line
  • Advanced level reverse engineering capabilities for both ELF and PE binaries.
  • The ability to obtain memory images from bare metal and virtualized systems
  • The ability to obtain disk images from bare metal and virtualized systems
  • Proficient in performing Open Source Intelligence gathering
  • Experience with both Open and Closed Source Rapid Response Tools (GRR, OSQuery, FireEye, etc.)
  • Experience with Intrusion Prevention Systems (IPS), Security Event Information Management systems (SIEM), and Log Aggregation systems
  • Experience with virtualization (KVM, ESXi, Hyper-V) and cloud-based (AWS, Azure, Google Cloud) networks
  • Ongoing familiarity with emerging and prevalent technologies and IT systems
  • Willingness to travel up to 30%

About CGS Business Solutions:
CGS specializes in IT business solutions, staffing and consulting services, with a strong focus in IT Applications, Network Infrastructure, Information Security, and Engineering. CGS is an INC 5000 company and is honored to be selected as one of the Best IT Recruitment Firms in California. After five consecutive Fastest Growing Company titles, CGS continues to break into new markets across the USA. Companies are counting on CGS to attract and help retain these resource pools in order to gain a competitive advantage in rapidly changing business environments.

Dice Id : 10477632
Position Id : BHJOB31_476