Consultant, DFIR, Reactive Services (Unit 42)

About The Position

Requirements

• 2+ years of incident response or digital forensics experience with a passion for cybersecurity
• Proficient with host-based forensics and data breach response
• Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Volatility, WireShark, TCPDump, and open-source forensic tools
• Ability to grow into a valuable contributor to practice and, specifically have an external presence via public speaking, conferences, and/or publications
• have credibility, executive presence, and gravitas
• be able to have a meaningful and rapid delivery contribution
• have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
• be collaborative and build relationships internally, externally, and across all PANW functions, including the sales team
• Incident Response Consulting is highly preferred
• Bachelor’s Degree in Information Security, Digital Forensics, Cyber Security, Computer Science, related field, or equivalent experience required

Responsibilities

• Lead reactive incident response engagements, guiding clients through digital forensics investigations and security incident containment.
• Perform host-based forensic analysis across Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
• Investigate data breaches using advanced forensics tools (e.g., EnCase, FTK, Splunk) to determine the source and scope of malicious activity.
• Examine firewall, web, database, and other log sources to identify evidence and artifacts of compromise.
• Proactively collaborate with clients and internal teams, providing expert guidance on tactical remediation recommendations to improve their security posture.
• Produce and present high-quality deliverables for client engagements, communicating complex findings to both technical and executive stakeholders.
• Travel as needed (approximately 30%) to support client-facing engagement demands.