Principal Consultant, Digital Forensics
At West Monroe, our people are our business.
We pride ourselves on bringing a different mindset to consulting—and that takes a different approach: highly collaborative, flexible, and tenacious.
Our people-first, highly collaborative culture is core to our identity. It’s something we care about, and something we strive to enrich and preserve. No hierarchies. No siloes. No egos. Just smart ideas, and the drive to make an impact for our clients.
We also know that the best outcomes for both our people and our clients result from including diverse perspectives at the table. That’s why inclusion & diversity is one of our core values.
Every day our clients rely on us to help them tackle their greatest challenges, by strategically deploying technology through a business-focused and industry-specific lens. We bring together both the right knowledge and the right approach, so that they can capitalize on opportunities and deliver real results. That takes the right team. And that’s where you come in.
Ready for the next step on your career journey?
We’re looking for a Principal Consultant, Digital Forensics to join our Cybersecurity practice and help investigate and resolve complex data breaches during and after Incident Response & Recovery (IR&R) engagements. As part of this work, we assist clients that are experiencing a ransomware event (or similar security incident) and are often undergoing a complete business outage. Our IR&R teams investigate these types of attacks, uncover critical information, and utilize their findings to engineer a real-time fix. As a principal DF consultant for our IR&R offering, you would lead forensic imaging, root cause analysis, ransomware/malware remediation, and often create investigative summaries for executive client readouts.
Responsibilities:
- Collaborate with West Monroe incident commander, DFIR, and recovery consultants to triage, plan, coordinate, and execute the remediation of client cybersecurity incidents during/post breach (I.e. ransomware)
- Identify, contain, and eradicate client information assets from risks caused by the breach
- Apply forensic methodology and analysis to a variety of file systems (I.e. FAT, NTFS, HFS, ext2, ext3) to retrieve data
- Drive forensic examinations/investigations through the entire lifecycle, including case planning, intake, acquisition, examination, presentation, and disposition
- Conduct analysis of compromised hardware devices, software, and mobile applications to create investigative summaries and generate extraction reports for client/executive presentations
- Spearhead reactive and proactive threat hunting engagements by performing endpoint, network, and log analysis
- Review and recommend technical, processes, and physical controls to mitigate damage from breach presence
- Translate business and technical requirements into concrete projects proposals, including detailed work plans and cost estimates, to assist in sales efforts and develop client relationships, as well as new opportunities
- Mentor and enable junior consultants to develop additional forensic, response, and threat hunting skills
- Dedicate time towards practice and offering development, including continuous improvement of our forensic lab capabilities and tools, as well as our homegrown forensics and threat hunting software product, Intellio™ Hunt
- Promote thought leadership in emerging cybersecurity/DFIR technologies and best practices by developing partnerships, leveraging go-to-market offerings, speaking at industry events, writing blog posts and white papers, representing West Monroe at tech conferences, etc.
Qualifications:
- Bachelor’s degree in relevant field preferred, or equivalent experience required
- Consulting firm/industry experience preferred
- 6-11+ years of experience within cybersecurity and expertise in DFIR concepts, best practices, and technologies
- Professional certifications, I.e. CISSP, CFCE, GCFA/GIAC, EnCE, CEH, OSCP – preferred, not required
- Strong experience with common investigation/hunting tools, I.e. Carbon Black, EnCase, F-Response, FTK, Exabeam
- Well-versed in incident response engagements, preferably at the enterprise level: ransomware events, data breaches, IT forensic investigation, root cause analysis, threat hunting, technical recovery, legal/compliance notifications, IR plan development, tabletop testing, etc.
- Proficient understanding of application, database, authentication, and network security principles
- Excellent organizational, verbal, presentation/facilitation, and written communication skills
- Willingness to travel for out of town client engagements, COVID-19 permitting (minimal, ~10%)
Ready to get started? Join our team and make an impact.