Cybersecurity Consultant

The Copper River Family of CompaniesColumbia, WA
Remote

About The Position

Lead or support cybersecurity incident response engagements involving ransomware, advanced persistent threats (APT), insider threats, phishing campaigns, malware infections, unauthorized access, cloud compromises, and other cyber incidents. Conduct proactive threat hunting activities designed to identify adversaries before significant impact occurs. Support enterprise Incident Handling and Event Management capabilities consistent with NIST guidance and industry best practices. Support forensic investigations involving Windows, Linux, Cloud environments, Active Directory, Microsoft 365, Azure, AWS, Containers, Virtual infrastructure.

Requirements

  • Minimum 7 years of cybersecurity experience.
  • Minimum 5 years supporting Incident Response or Security Operations Center (SOC) environments.
  • Experience responding to live cybersecurity incidents.
  • Experience performing enterprise threat hunting.
  • Strong understanding of NIST Cybersecurity Framework.
  • Strong understanding of NIST SP 800-61 Computer Security Incident Handling Guide.
  • Strong understanding of NIST SP 800-53.
  • Strong understanding of MITRE ATT&CK Framework.
  • Strong understanding of Cyber Kill Chain.
  • Strong understanding of Zero Trust Architecture.
  • Experience analyzing Windows Event Logs.
  • Experience analyzing Sysmon.
  • Experience analyzing Active Directory.
  • Experience analyzing DNS.
  • Experience analyzing Firewall logs.
  • Experience analyzing Authentication logs.
  • Experience analyzing EDR telemetry.
  • Experience analyzing Cloud audit logs.
  • Excellent written and verbal communication skills.
  • Ability to explain technical findings to executive leadership.

Nice To Haves

  • CISSP certification.
  • GIAC Certified Incident Handler (GCIH) certification.
  • GIAC Certified Forensic Analyst (GCFA) certification.
  • GIAC Certified Enterprise Defender (GCED) certification.
  • Certified Ethical Hacker (CEH) certification.
  • CompTIA CySA+ certification.
  • CompTIA Security+ certification.
  • Splunk Certified Architect certification.
  • Splunk Enterprise Security Certified Admin certification.
  • Microsoft Certified Security Operations Analyst (SC-200) certification.
  • Microsoft Cybersecurity Architect (SC-100) certification.
  • AWS Security Specialty certification.
  • Certified Cloud Security Professional (CCSP) certification.
  • Experience supporting Federal Civilian Agencies.
  • Experience supporting Department of Defense.
  • Experience supporting Intelligence Community.
  • Experience supporting Critical Infrastructure.
  • Experience supporting Healthcare.
  • Experience supporting Financial Services.
  • Experience supporting Energy Sector.
  • Experience with Continuous Diagnostics and Mitigation (CDM).
  • Experience with Continuous Monitoring.
  • Experience with Threat Intelligence.
  • Experience with Insider Threat.
  • Experience with Vulnerability Management.
  • Experience with Malware Analysis.
  • Experience with Digital Forensics.
  • Experience with Cloud Incident Response.
  • Experience with Identity-based attacks.
  • Experience with Zero Trust implementations.

Responsibilities

  • Perform incident triage and determine scope and severity.
  • Identify attack vectors and affected assets.
  • Collect and preserve forensic evidence.
  • Perform root cause analysis.
  • Coordinate containment activities.
  • Support eradication of adversary presence.
  • Restore systems to secure operational status.
  • Develop incident timelines.
  • Produce executive and technical incident reports.
  • Recommend security improvements to prevent recurrence.
  • Develop hunt hypotheses based on current intelligence.
  • Analyze endpoint, network, cloud, identity, and application logs.
  • Identify Indicators of Compromise (IOCs) and Indicators of Attack (IOAs).
  • Detect persistence mechanisms.
  • Identify lateral movement.
  • Investigate privilege escalation.
  • Hunt for known threat actor Tactics, Techniques, and Procedures (TTPs).
  • Leverage MITRE ATT&CK methodologies.
  • Produce actionable hunt findings.
  • Monitor security events and alerts.
  • Validate and declare security incidents.
  • Perform event analysis and prioritization.
  • Coordinate incident response activities.
  • Conduct technical investigations.
  • Execute containment procedures.
  • Support remediation efforts.
  • Validate recovery activities.
  • Document lessons learned.
  • Improve incident response processes.
  • Analyze memory, disk, logs, and registry.
  • Perform timeline reconstruction.
  • Conduct malware triage.

Benefits

  • Comprehensive medical, dental, and vision coverage
  • Flexible Spending Account - healthcare and dependent care
  • Health Savings Account - high deductible medical plan
  • Retirement 401(k) with employer match
  • Open leave policy and paid holidays
  • Tuition reimbursement
  • Transportation expense account
  • Employee assistance program
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service