Principal Consultant – Cloud DFIR – Reactive Services – Unit
| Company | Palo Alto Networks |
|---|---|
| Location | Washington, CA, USA |
| Salary | Not Provided |
| Type | Full-Time |
| Degrees | |
| Experience Level | Senior, Expert or higher |
Requirements
- 6+ years of incident response or digital forensics consulting experience with a passion for cyber security
- 3+ years in a cloud environment as an administrator, security operator, or consultant
- Hands-on experience with architecting, building, operating, investigating, and troubleshooting large and complex cloud environments
- Understand and demonstrate best practices for architecting and operating in a cloud environment
- Experience with large-scale application administration and debugging, Cloud Security Posture Management (CSPM) solutions, or automation via scripting or cloud-native approaches
- Strong leadership skills including experience managing a team or individuals
- Experience leading complicated engagements, including scoping, interfacing with the client, and executing on a technical front
Responsibilities
- Perform reactive incident response functions in public cloud environments, primarily Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and AliCloud
- Examine compute, storage, IAM, network traffic, serverless, and other log sources to identify evidence of malicious activity
- Investigate data breaches leveraging traditional forensic tools, cloud-specific tools, and custom Unit 42 techniques to determine the source of compromises and malicious activity that occurred in client environments
- Manage incident response engagements to scope work, guide clients through forensic investigations, contain security incidents, and provide guidance on longer-term remediation recommendations
- Ability to perform travel requirements as needed to meet business demands (on average 20%)
- Mentorship of team members in incident response and forensics best practices
Preferred Qualifications
- DevOps experience welcome