Soteria
Digital Forensics and Incident Response Consultant
Soteria, Charleston, South Carolina, 29408
Established in 2014 and based in Charleston, South Carolina, Soteria's expertise in the cybersecurity domain is predicated upon the accumulated practical experience across all team members. Soteria's security professionals have held leading positions in private industries, state governments, and federal intelligence communities. Driven by this combined pool of knowledge as well as the belief that "Security is for Everyone," Soteria offers advisory services and solutions which are significantly differentiated from the security status quo. Soteria treats each client as a unique case deserving of individualized security insights and specialized hands-on assistance.

About the role

Detection and Response Team

At Soteria, our incident response professionals work directly with our clients to recover from incidents as quickly and effectively as possible. We strive to be the steady hand that guides our clients when they are having their worst day. Once the incident is over, we continue our partnership to assist our customers in implementing the changes needed to prevent repeat incidents in the future.

What you'll do

As a Digital Forensics and Incident Response Consultant, your responsibilities include:

- Providing clients with advice and guidance as they navigate the incident response and recovery process.
- Triaging, collecting, and analyzing forensically valuable data from the available sources to determine the scope and severity of security incidents.
- Managing incident response engagements to guide clients through the response process and ensure that the engagement is tailored to meet their specific response needs.
- Documenting and presenting findings and recommendations to clients in a professional manner.
- Maintaining relationships with clients post-engagement in order to assist and advise on longer-term remediation efforts.
- Maintaining competence in security trends, technologies, and practices.
- Working with Soteria's managed detection and response team to improve detection capabilities.
- Training and mentoring consultants and analysts in order to build the company's overall capacity and capability.

Qualifications

- 2 years of digital forensics, incident response, or other relevant experience.
- Experienced in investigating and understanding techniques related to network breaches, business email compromise (BEC), and ransomware incidents.
- Ability to evaluate triage data and artifacts to detect indicators of compromise (IOCs) and identify suspicious activity.
- Strong leadership and crisis management skills.
- Working knowledge of Windows, Linux, Unix, and MacOS forensics.
- Proficient in analyzing and interpreting logs from diverse sources.
- Knowledgeable in acquiring and analyzing data from both physical and virtual systems for forensic purposes.
- Familiarity with networking concepts, protocols, and architectures.
- Disk forensics tools such as Axiom, FTK, etc.
- SIEM tools as they relate to searching and extracting relevant data for incident investigations.
- Scripting experience as needed to facilitate investigations and remediation efforts.
- Strong written and verbal communication skills.
- This role is client-facing - must be able to communicate details of findings to both technical and non-technical clients.
- Must be able to deliver detailed written reports at the conclusion of every client engagement.
- Ability to participate in an on-call rotation, with availability for weekend and after-hours work when needed.
- Position is fully remote - no mandatory travel, elective travel to industry conferences and training events.