Digital Forensics and Incident Response Lead

  • Part Time
  • Canada


I am working with a well established global Cyber Security Consultancy, they are looking to add to their Digital Forensics and Incident Response Team. Based in Canada, you will be working remotely in the DFIR team, you will be responsible for responding to all cyber-attacks, ensuring the clients downtime and impact on the business is remediated as quickly as possible. The client base is in the PST time zone, the West Canadian provinces of British Colombia, Alberta, Saskatchewan and Manitoba.

Responsibilities: Act as the central point for incident response within the organization, including initial analysis, escalation, and post-incident tasks. Provide advanced troubleshooting across various technologies, including packet captures and traffic analysis. Contribute to the development of incident response and post-breach policies and processes.

Document incident response methods and create a run book for personnel. Conduct live-endpoint investigations and implement remediation actions. Deploy an incident response ticketing system for better tracking and metrics.

Collaborate with third parties on incident response, security breaches, and investigations. Mentor team members on incident response techniques. Assist in transitioning from incident response to SOC operations.

Generate technical reports and business unit-specific KPIs for senior management. Ransomware experience Experience of BEC investigations Requirements: 4-6 years of incident response experience. Experience in conducting Table Top Exercises.

Proficiency in deploying and managing EDR Technology. Familiarity with security technologies and the NIST Framework. Ability to develop, document, and implement incident response methods.

Experience in live endpoint investigations and forensic investigations. Ability to mentor and provide training. Availability to cover business requirements across three regions.

Strong knowledge of DFIR Tools and virtualization technologies. Knowledge of conducting Penetration Tests.

Job Search