Sr. Principal, Digital Forensics
At West Monroe, our people are our business.
We pride ourselves on bringing a different mindset to consulting—and that takes a different approach: highly collaborative, flexible, and tenacious.
Our people-first culture is core to our identity. It’s something we care about, and something we strive to enrich and preserve. No hierarchies. No siloes. No egos. Just smart ideas, unique perspectives, and the drive to make an impact for our clients.
We also know that the best outcomes for both our people and our clients result from including diverse perspectives at the table. That’s why inclusion & diversity is one of our core values.
Every day our clients rely on us to help them tackle their greatest challenges, by strategically deploying technology through a business-focused and industry-specific lens. We bring together both the right knowledge and the right approach, so that they can capitalize on opportunities and deliver real results. That takes the right team. And that’s where you come in.
Ready to thrive in the next step on your career journey?
We’re looking for a Sr. Principal Consultant, Digital Forensics to join our Cybersecurity practice and help resolve complex client breaches during and after Incident Response & Recovery (IR&R) engagements. As part of this work we assist clients that are experiencing a ransomware event (or similar security incident) and are often undergoing a complete business outage. Our IR&R teams investigate these types of attacks, uncover critical information, and utilize their findings to engineer a real-time fix. As a lead principal digital forensics consultant, you would own forensic imaging & analysis, ransomware/malware remediation, and creating investigative summaries as a leader for our IR&R offering.
Responsibilities:
- Collaborate with West Monroe incident commanders, infrastructure recovery, and DFIR consultants to plan, coordinate, and execute remediation of client security incidents (i.e., ransomware events), during/post breach
- Identify, contain, eradicate, and recover client information assets from risks caused by the breach
- Apply forensic methodology and analysis to a variety of file systems (i.e., FAT, NTFS, HFS, ext2, ext3) to retrieve data
- Drive digital forensic examinations/investigations through the entire lifecycle including case planning, intake, acquisition, examination, presentation, and disposition
- Conduct investigative analyses of infected hardware devices, software, and mobile applications to create investigative summaries and generate extraction reports for client/executive presentations
- Spearhead reactive and proactive threat hunting engagements by performing endpoint, network, and log analysis
- Review and recommend technical, process, and physical controls to mitigate damage from breach presence
- Translate business and technical requirements into concrete project proposals, including detailed work plans and cost estimates, to assist in sales efforts and develop client relationships, as well as new opportunities
- Mentor and enable junior consultants to develop additional forensic, response, and threat hunting capabilities
- Dedicate time towards practice and offering development, including continuous improvement of our digital forensics lab capabilities
- Promote thought leadership in emerging cybersecurity and DFIR technologies by developing partnerships, leveraging go-to-market offerings, speaking at events, representing us at tech conferences, writing blog posts, etc.
Qualifications:
- Bachelor’s degree in relevant field preferred, or equivalent experience required
- Consulting firm/industry experience preferred
- 8-15+ years of experience within cybersecurity and a strong working knowledge of DFIR concepts
- Professional certifications – CISSP, CFCE, GCFA/GIAC, EnCE, CEH, OSCP – preferred, not required
- Experience with DF investigation/hunting tools – Carbon Black, EnCase, F-Response, FTK, Exabeam, etc.
- Well-versed in incident response engagements, preferably at the enterprise level: technical recovery, IT forensic investigation, threat hunting, legal or compliance notifications, IR plan development, tabletop testing, etc.
- Strong understanding of application, database, authentication, and network security principles
- Excellent organizational, verbal, presentation/facilitation, and written communication skills
- Willingness to travel for out-of-town client engagements – COVID permitting (minimal, ~10%)
Ready to get started? Join our team and make an impact.
To learn more about inclusion and diversity at West Monroe, visit www.wmp.com/inclusion.