CrawlJobs Logo

Consultant, DFIR, Reactive Services

United States, Santa Clara 102000.00 - 139500.00 USD / Year · Job Posted January 25, 2026
Apply Position
Job Link Share

Job Description

As a client-facing Consultant in our reactive services team, you will be a critical first responder for our customers. You will lead and manage incident response engagements from start to finish, working directly with diverse stakeholders, including C-suite executives, to guide them through complex cybersecurity incidents and deliver actionable solutions based on your findings.

Job Responsibility

  • Lead reactive incident response engagements, guiding clients through digital forensics investigations and security incident containment
  • Perform host-based forensic analysis across Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
  • Investigate data breaches using advanced forensics tools to determine the source and scope of malicious activity
  • Examine firewall, web, database, and other log sources to identify evidence and artifacts of compromise
  • Proactively collaborate with clients and internal teams, providing expert guidance on tactical remediation recommendations to improve their security posture
  • Produce and present high-quality deliverables for client engagements, communicating complex findings to both technical and executive stakeholders
  • Travel as needed (approximately 30%) to support client-facing engagement demands

Requirements

  • 2+ years of incident response or digital forensics experience
  • Proficient with host-based forensics and data breach response
  • Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Volatility, WireShark, TCPDump, and open-source forensic tools
  • Bachelor’s Degree in Information Security, Digital Forensics, Cyber Security, Computer Science, related field, or equivalent experience required

Nice to have

  • Incident Response Consulting is highly preferred
  • Ability to grow into a valuable contributor to practice
  • have an external presence via public speaking, conferences, and/or publications
  • have credibility, executive presence, and gravitas
  • be able to have a meaningful and rapid delivery contribution
  • have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
  • be collaborative and build relationships internally, externally, and across all PANW functions, including the sales team

What we offer

  • restricted stock units
  • bonus

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Consultant, DFIR, Reactive Services

8 matching positions

New

Consultant, DFIR, Reactive Services (Unit 42)

The Consultant, Reactive Services is an individual contributor role within Unit ...
Location
Location
Brazil , São Paulo
Salary
Salary:
Not provided
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or related field, or equivalent practical experience
  • 3–5 years of hands-on experience in Digital Forensics and Incident Response (DFIR), Security Operations, SOC, or related cybersecurity disciplines
  • Experience supporting investigations involving ransomware, intrusion activity, phishing, malware, or unauthorized access incidents
  • Foundational understanding of forensic methodologies, evidence handling, acquisition techniques, and chain-of-custody procedures
  • Hands-on experience with DFIR tools such as EnCase, FTK, SleuthKit, Volatility, or equivalent forensic frameworks
  • Experience working across Microsoft Windows, Linux, and macOS environments
  • Strong analytical and problem-solving skills with the ability to perform technical investigations in high-pressure environments
  • Excellent written and verbal communication skills
  • Ability to communicate technical findings to both technical and executive audiences
  • Candidates must be fluent in any combination of the following languages: English + Spanish
Job Responsibility
Job Responsibility
  • Support and execute digital forensics and incident response investigations across enterprise environments
  • Conduct forensic analysis of endpoints, systems, logs, and cloud environments to identify attacker activity and scope of compromise
  • Assist with host, network, and cloud investigations during active security incidents
  • Perform forensic acquisition and preservation of evidence following industry best practices and chain-of-custody procedures
  • Utilize industry-standard DFIR tools and methodologies to investigate malicious activity and support containment efforts
  • Collaborate with senior consultants and engagement teams to deliver high-quality client outcomes during incident response engagements
  • Document technical findings, timelines, and investigative results for both internal and client-facing reporting
  • Provide remediation recommendations and support clients throughout the incident response lifecycle
  • Maintain awareness of emerging threats, attacker techniques, and evolving cybersecurity trends
  • Support the development of internal DFIR processes, playbooks, and knowledge-sharing initiatives within the Unit 42 team
  • Fulltime
Read More
Arrow Right

Principal Consultant, DFIR, Reactive Services (Unit 42)

Manage and lead incident response engagements, including scoping work, guiding c...
Location
Location
Canada , Toronto
Salary
Salary:
136000.00 - 187000.00 USD / Year
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree with 8 years of experience, or Master's degree with 6 years of experience, or PhD with 3 years of experience in Information Security, Computer Science, Digital Forensics, or a related field
  • Direct experience in incident response or digital forensics consulting
  • Proficiency with host-based forensics and data breach response methodologies
  • Hands-on experience with forensic tools such as EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, or WireShark
  • Ability to travel as needed to meet business demands, averaging up to 20%
Job Responsibility
Job Responsibility
  • Manage and lead incident response engagements, including scoping work, guiding clients through forensic investigations, and containing security incidents
  • Perform reactive incident response and host-based analysis on Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
  • Examine firewall, web, database, and other log sources to identify evidence of malicious activity and attack vectors
  • Investigate data breaches using forensic tools like EnCase, FTK, X-Ways, SIFT, and Splunk to determine the source and scope of compromises
  • Provide clients with clear, actionable recommendations for long-term remediation and security posture improvement
  • Collaborate with internal teams and external stakeholders to ensure alignment and deliver comprehensive solutions
  • Act as a mentor for junior team members, sharing expertise in incident response and digital forensics best practices
What we offer
What we offer
  • restricted stock units
  • bonus
  • Fulltime
Read More
Arrow Right

Senior Consultant, DFIR, Reactive Services (Unit 42) - Remote Weekend Shift

This role is client-facing and requires the Senior Consultant to help lead and p...
Location
Location
United States , New York
Salary
Salary:
128000.00 - 176000.00 USD / Year
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of incident response or digital forensics experience with a passion for cyber security
  • Proficient with host-based forensics and data breach response
  • Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Volatility, WireShark, TCPDump, and open source forensic tools
  • Incident Response Consulting preferred
  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field or equivalent military experience required
Job Responsibility
Job Responsibility
  • Perform reactive incident response functions including but not limited to - host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
  • Examine firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity
  • Investigate data breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom Unit 42 investigation tools to determine source of compromises and malicious activity that occurred in client environments
  • Lead incident response engagements to guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations
  • Mentorship of Incident Response Consultants in incident response and forensics best practices
  • Ability to perform light travel requirements as needed to meet business demands (on average 30%)
What we offer
What we offer
  • restricted stock units
  • bonus
  • employee benefits
Read More
Arrow Right

Senior Consultant, DFIR, Reactive Services (Unit 42)

As a client-facing Senior Consultant in Unit 42, you will lead reactive incident...
Location
Location
United States , Santa Clara
Salary
Salary:
128000.00 - 176000.00 USD / Year
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or a related field, or equivalent military/professional experience
  • 4+ years of direct experience in incident response or digital forensics
  • Proficiency in host-based forensics, data breach response, and evidence handling procedures
  • Hands-on experience with forensic tools such as EnCase, FTK, X-Ways, SIFT, Splunk, Volatility, or similar technologies
Job Responsibility
Job Responsibility
  • Lead end-to-end incident response engagements, guiding clients through investigation, containment, and long-term remediation strategies
  • Perform host-based forensic analysis on Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
  • Analyze firewall, web, database, and other log data to uncover evidence of malicious activity and system compromise
  • Utilize advanced forensic tools (e.g., EnCase, FTK, Splunk) to investigate data breaches, determining the root cause and scope of malicious activity
  • Collaborate with clients and internal stakeholders to communicate findings, provide status updates, and deliver comprehensive reports
  • Mentor and empower junior consultants, sharing expertise in incident response and digital forensics best practices
  • Travel as required (approximately 20%) to meet client and business needs for on-site engagement
What we offer
What we offer
  • restricted stock units
  • bonus
  • employee benefits
  • Fulltime
Read More
Arrow Right

Principal Consultant, DFIR, Reactive Services

As a Principal Consultant for our reactive services, you will serve as a client-...
Location
Location
United States , Santa Clara
Salary
Salary:
151400.00 - 208100.00 USD / Year
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or a related field, or equivalent military experience
  • 6+ years of direct incident response or digital forensics consulting experience
  • Proficiency with host-based forensics, data breach response, and forensic tools such as EnCase, FTK, X-Ways, SIFT, Splunk, Volatility, or WireShark
  • Demonstrated experience managing the full lifecycle of a technical consulting engagement
  • Ability to travel as needed to meet business demands, averaging approximately 20%
Job Responsibility
Job Responsibility
  • Lead and manage complex incident response engagements, including scoping work, guiding clients through forensic investigations, and containing security incidents
  • Perform reactive incident response functions, including host-based analysis of Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
  • Investigate data breaches by leveraging advanced digital forensics tools (e.g., EnCase, FTK, X-Ways, SIFT, Splunk) to determine the source and scope of compromises
  • Examine and analyze firewall, web, database, and other log sources to identify evidence of threat actor activity
  • Collaborate with clients and internal teams to provide strategic guidance and recommendations for long-term remediation and security posture improvement
  • Develop and produce high-quality, client-facing deliverables, including detailed reports and executive summaries
  • Provide mentorship and guidance to junior team members on incident response and forensics best practices, empowering others to develop their skills
What we offer
What we offer
  • restricted stock units
  • bonus
  • employee benefits
Read More
Arrow Right

Consulting Director, DFIR, Reactive Services

The Consulting Director, Reactive Services is a senior-level consulting position...
Location
Location
United States , Santa Clara
Salary
Salary:
183000.00 - 252000.00 USD / Year
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree with 12 years of experience, or Master's degree with 8 years of experience, or PhD with 5 years of experience in a related field
  • Minimum of 10 years of hands-on consulting experience in digital forensics and incident response (DFIR)
  • Proven experience leading technical breach response teams in high-pressure, fast-paced environments
  • Expert-level knowledge of forensic processes and procedures, including chain of custody and memory/disk acquisition techniques
  • Demonstrated proficiency with industry-standard forensics tools such as EnCase, FTK, SleuthKit, or Volatility
  • Deep operational understanding of one or more major operating systems (Microsoft Windows, Linux, or Mac)
Job Responsibility
Job Responsibility
  • Lead technical breach response teams in fast-paced environments, providing strategic direction and hands-on guidance
  • Deliver expert-level consulting on cybersecurity, incident response, and digital forensics to a diverse client base
  • Proactively collaborate with clients and internal teams to develop unique and creative solutions for complex security incidents
  • Maintain and apply hyper-current knowledge of the threat landscape, emerging vulnerabilities, and malware persistence mechanisms
  • Utilize advanced forensic tools and processes (e.g., EnCase, FTK, Volatility) for evidence acquisition and analysis across major operating systems
  • Manage client relationships, lead technical meetings, and oversee multiple project teams concurrently to ensure successful engagement delivery
  • Identify opportunities to cross-sell or upsell existing clients and contribute to generating new business for reactive services
What we offer
What we offer
  • FLEXBenefits wellbeing spending account with over 1,000 eligible items
  • mental and financial health resources
  • personalized learning opportunities
  • restricted stock units
  • bonus
  • Fulltime
Read More
Arrow Right

Consulting Director – Reactive Services

Senior-level consulting role leading cybersecurity incident response and breach ...
Location
Location
United States , Burbank
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of DFIR consulting experience (breach response, investigations)
  • Proven leadership of technical incident response teams in high-pressure environments
  • Deep expertise in forensic methodologies (chain of custody, disk/memory analysis)
  • Hands-on experience with tools: EnCase, FTK, SleuthKit, Volatility (or equivalent)
  • Strong operating system expertise (Windows, Linux, or macOS)
  • Degree: Bachelor’s + 12 yrs, Master’s + 8 yrs, or PhD + 5 yrs (or equivalent experience)
Job Responsibility
Job Responsibility
  • Lead breach response engagements, providing both strategic direction and hands-on DFIR leadership
  • Deliver expert consulting across incident response, digital forensics, and cyber risk scenarios
  • Guide clients through complex incidents with tailored, high-impact solutions
  • Stay current on threat landscape, vulnerabilities, and attacker techniques (TTPs, persistence methods)
  • Perform and oversee forensic investigations (memory/disk acquisition, analysis) using tools like EnCase, FTK, Volatility
  • Manage client relationships, lead technical discussions, and run multiple engagements concurrently
  • Support business growth through client expansion (cross-sell/upsell) and new opportunity identification
  • Fulltime
Read More
Arrow Right

Senior Consultant, IR

As a Senior Consultant in Unit 42’s Digital Forensics and Incident Response (DFI...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of professional experience using leading industry tools and technologies (e.g., Disk forensics tools, EDR technology, SIEM) for performing Digital Forensics and Incident Response (DFIR) investigations at scale
  • Proficient with host-based forensics on both Windows, Linux and Mac operating systems
  • Experienced with tooling such as EnCase, FTK, X-Ways, SIFT, Splunk, Volatility, WireShark, TCPDump, and other open source forensic tools
  • Solid understanding of the cyber threat landscape, and an ability to apply threat-led approaches to security engagements
  • Identified ability to grow into a valuable contributor to the practice and, specifically be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
  • have the potential and capacity to understand aspects of the business and develop a thorough understanding of PANW products over time
  • have/or a desire to grow an external presence via public speaking, conferences, and/or publications
  • ability to build credibility, executive presence, and gravitas
  • be able to have a meaningful and rapid delivery contribution
  • Ability to become proficient in at least two Palo Alto Networks products, including developing a deeper understanding of how our products integrate into an organisations cyber security program, and can be leveraged to produce data driven insights
Job Responsibility
Job Responsibility
  • Perform reactive incident response functions including but not limited to Host-based analysis outcomes via investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
  • Examine firewall, web, database, and other log sources to identify evidence and artefacts of malicious and compromised activity
  • Investigate data breaches leveraging industry standard forensics tools such as Encase, FTK, X-Ways, SIFT, Splunk, and custom Unit 42 investigation tools to determine source of compromises and malicious activity that occurred in client environments
  • Conduct triage and analysis tasks leveraging best of breed Endpoint Detection and Response (EDR) technology such as Cortex XDR, CrowdStrike, MDE etc.
  • Supported by senior team members, undertake incident response engagements to guide clients through forensic investigations, contain security incidents, and provide guidance on longer term remediation recommendations
  • Provide mentorship of Incident Response Consultants in incident response and forensics best practices
  • Working with practice leads to scope, schedule and deliver engagements end-to-end
  • Report generation that clearly communicates investigations and assessment details, results, and remediation recommendations to clients
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Contributing alongside practice leads to the continuous improvement and innovation of our services based on key drivers such evolving technology, threat landscape, regulatory requirements, lessons learned, industry standards and client requirements
  • Fulltime
Read More
Arrow Right