Principal Consultant, Cybersecurity (DFIR)
Ready to thrive in the next step on your career journey?
West Monroe is looking for a Principal DFIR Consultant to join our Tech - Cybersecurity practice and focus on investigating complex security breaches during and after Incident Response & Recovery (IR&R) engagements. As part of this work, we assist clients that are experiencing a ransomware event or similar security incident and are often undergoing some level of business outage. Our IR&R teams investigate these types of attacks, uncover critical information, and utilize their findings to engineer a real-time fix. As a principal consultant for our IR&R offering, you would lead artifact collection, forensic imaging, root cause analysis, log and file systems analysis, ransomware remediation, and often create investigative summaries for executive client readouts.
Responsibilities:
- Collaborate with West Monroe incident commander, DFIR, and recovery consultants to triage, plan, coordinate, and execute the remediation of client cybersecurity incidents during/post breach (I.e. ransomware)
- Identify, contain, and eradicate client information assets from risks caused by the breach
- Apply forensic methodology and analysis to a variety of file systems (I.e. FAT, NTFS, HFS, ext2, ext3) to retrieve data
- Drive forensic examinations/investigations through the entire lifecycle, including case planning, intake, acquisition, examination, presentation, and disposition
- Conduct analysis of compromised hardware devices, software, and mobile applications to create investigative summaries and generate extraction reports for client/executive presentations
- Spearhead reactive and proactive threat hunting engagements by performing endpoint, network, and log analysis
- Review and recommend technical, processes, and physical controls to mitigate damage from breach presence
- Translate business and technical requirements into concrete projects proposals, including detailed work plans and cost estimates, to assist in sales efforts and develop client relationships, as well as new opportunities
- Mentor and enable junior consultants to develop additional forensic, response, and threat hunting skills
- Dedicate time towards practice and offering development, including continuous improvement of our forensic lab capabilities and tools, as well as our homegrown forensics and threat hunting software product Intellio™ Hunt
- Promote thought leadership in emerging cybersecurity/DFIR technologies and best practices by developing partnerships, leveraging go-to-market offerings, speaking at industry events, writing blog posts and white papers, representing West Monroe at tech conferences, etc.
Qualifications:
- Bachelor’s degree in relevant field preferred, or equivalent experience required
- Consulting firm/industry experience preferred
- 6-11+ years of experience within cybersecurity and expertise in DFIR concepts, best practices, and technologies
- Professional certifications such as CISSP, CFCE, GCFA/GIAC, EnCE, CEH, OSCP are preferred, not required
- Strong experience with common investigation/hunting tools, I.e. Carbon Black, EnCase, F-Response, FTK, Exabeam
- Well-versed in incident response engagements, preferably at the enterprise level: ransomware events, data breaches, IT forensic investigation, root cause analysis, log analysis, threat hunting, technical recovery, legal/compliance notifications, IR plan development, tabletop testing, etc.
- Strong understanding of application, database, authentication, and network security principles
- Excellent organizational, verbal, presentation/facilitation, and written communication skills
- Ability to lead, mentor, and coach junior DFIR consultants on the team
- Willingness to travel for out of town client engagements – COVID-19 permitting (minimal, ~10% or less)
Ready to get started? Join our team and make an impact.
At West Monroe, our people are our business.
We pride ourselves on bringing a different mindset to consulting—and that takes a different approach: highly collaborative, flexible, and tenacious.
Our people-first culture is core to our identity. It’s something we care about, and something we strive to enrich and preserve. No hierarchies. No siloes. No egos. Just smart ideas, unique perspectives, and the drive to make an impact for our clients.
We also know that the best outcomes for both our people and our clients result from including diverse perspectives at the table. That’s why inclusion & diversity is one of our core values.
Every day our clients rely on us to help them tackle their greatest challenges, by strategically deploying technology through a business-focused and industry-specific lens. We bring together both the right knowledge and the right approach, so that they can capitalize on opportunities and deliver real results. That takes the right team. And that’s where you come in.
West Monroe Partners is an Equal Employment Opportunity Employer
We believe in treating each employee and applicant for employment fairly and with dignity. We base our employment decisions on merit, experience, and potential, without regard to race, color, national origin, sex, sexual orientation, gender identity, marital status, age, religion, disability, veteran status, or any other characteristic prohibited by federal, state or local law. To learn more about inclusion and diversity at West Monroe, visit www.westmonroe.com/inclusion.
If you are based in California, we encourage you to read West Monroe’s Notice at Collection for California residents, provided pursuant to the California Consumer Privacy Act (CCPA) and linked here.