Incident Response Consultant (CPX)

About the role

As an Incident Response Consultant you will work within a blue‑team environment, delivering technical expertise on endpoint and network threat detection, hunting and forensic investigations for a variety of customers. You will operate both independently and as part of a motivated team, handling fast‑paced engagements and producing clear reports for technical and non‑technical audiences.

Key responsibilities

• Serve as technical expert on active incident response engagements for multiple retainer customers.
• Conduct threat‑hunting activities and proactive environment assessments.
• Perform host‑based assessments using EDR tools and network assessments with full packet capture.
• Execute host and network forensics on Windows, macOS and Linux platforms.
• Carry out digital forensic investigations supporting cyber‑incident response.
• Document processes and contribute to continuous service improvement.
• Produce detailed technical reports and briefs, explaining findings to both technical and non‑technical stakeholders.

Required profile

• 1‑3 years of experience in incident response, threat hunting or related blue‑team activities.
• Strong attention to detail and accurate reporting.
• Good written and spoken English.
• GIAC certification in at least one discipline (e.g., GNFA, GCIH, GCIA, GCFE, GCFA, GDAT) or equivalent.
• Ability to work independently and adapt to changing priorities.

Required skills

• Blue‑team operations and threat‑hunting techniques.
• Understanding of network protocols (TCP/IP) and network analysis tools (Zeek/Bro, Rita, Suricata).
• Experience with Windows, Linux and optionally macOS forensic analysis.
• Use of EDR and threat‑hunting tools.
• Familiarity with ATT&CK framework and current threat trends.
• Basic knowledge of static and dynamic malware analysis.