Back to Jobs
United States of America Remote (Global) Full-time

GuidePoint Security is hiring a Principal DFIR Consultant - Remote (Anywhere in the U.S.)

Responsibilities

  • Provide oversight on high-severity investigations by reviewing technical findings, guiding client communications, and ensuring analytical accuracy and deliverable quality.
  • Lead critical incident response engagements involving ransomware, advanced persistent threats, nation-state actors, or insider threats, establishing best practices in investigation and client interaction.
  • Perform in-depth technical analysis including host-based forensics, network traffic examination, malware triage and reverse engineering, cloud environment investigations, and threat actor profiling.
  • Act as a senior-level responder during periods of high demand, providing expert support across multiple concurrent incidents.
  • Create, refine, and manage standardized investigation methods, operational playbooks, and procedural documentation to elevate team-wide performance.
  • Mentor mid-level consultants and analysts by offering technical guidance, client engagement strategies, and career development support.
  • Support the development of future incident response leaders through coaching and knowledge transfer.
  • Lead training initiatives, publish technical content, document post-incident learnings, and contribute to organizational expertise.
  • Evaluate existing tools and workflows to identify inefficiencies and develop custom automation, scripts, or integrations that enhance investigative speed and effectiveness.
  • Assist in recruiting efforts by participating in candidate evaluations, technical interviews, and skill assessments.
  • Develop strong, trusted relationships with key clients and serve as a senior technical advisor during critical security events.
  • Support business development through technical scoping, proposal creation, statement of work reviews, and client-facing presentations for incident response and compromise assessment services.
  • Represent the organization in public forums such as conferences, webinars, published articles, and community engagements within the DFIR field.
  • Remain accessible outside regular working hours to respond to urgent incidents and team escalations.
  • Participate in an on-call rotation commensurate with seniority level.
  • Proactively detect and resolve shortcomings in team operations, internal processes, or service delivery to clients.
  • Demonstrate a standard of accountability, responsiveness, and professional conduct for others on the team to emulate.

Work Arrangement

Remote (Worldwide)

Other

  • Maintaining consistent availability outside standard business hours for high-severity incident surges and team escalations.
  • Participating in on-call rotation as appropriate for seniority.
  • Proactively identifying and addressing gaps in team performance, processes, or client delivery.
  • Setting an example of professionalism, urgency, and ownership that the broader team can follow.
About company
GuidePoint Security
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.
All jobs at GuidePoint Security Visit website
Job Details
Department DFIR Practice
Category security
Posted 4 days ago