Contract Bench, Incident Responder (DFIR)
United States - Remote
Full Time Contract Senior-level / Expert USD 160K - 200K
Who We Are
If you feel like Incident Response and Recovery hasn’t changed in the past 10 years, you’re not alone. Business operations aren’t just on endpoints anymore. It’s behind applications in Okta tiles, auto-scaling workloads, code repos, and sprawling data stores across one or many public clouds. At modePUSH, we’re focused on eradicating adversaries across our client’s entire digital footprint, and that demands a faster, nimbler approach to DFIR.
We know high quality incident response starts and ends with great people. ModePUSH is looking for the weekend warriors, the late-night crusaders, or any variation in between to do investigative work at a pace that matches your lifestyle.
Who You Are
You’re a “retired” incident responder that’s called it quits because of missed one too many holidays and an exhausting on-call schedule. If you’re honest though, you miss the investigation. Finding actual evil and seeing the latest threat activity is more exciting than your day job, and you’d love to get your fix on some live response data without committing all your waking hours.
You know that $I30 isn’t referring to your local interstate, and that the easiest way to get on your bad side is to be handed a timestamp that isn’t in UTC. You’ve got a “Tools” folder sitting on your workstation somewhere with your favorite forensic scripts at the ready to tear into the next piece of suspicious activity you see. And speaking of suspicious activity, you’ve honed a keen sense for knowing the difference between legitimate users and threat actor activity because you’ve seen them in action.
Hundreds of times.
Windows environment investigations feel like the back of your hand at this point, and you’ve been starting to expand your knowledge on cloud-native forensics. Account takeovers are the new malware after all, and investigating the latest threats across Azure, GCP, AWS, and SaaS Apps is the growing frontier you’ve been looking to sink your teeth into.
You’re insatiably curious, addicted to threat intel, and an investigator at heart. Ultimately, you’d love an opportunity that allows you to get deeply technical and solve real cases at an intensity that’s compatible with your day job and every day life.
Why You Matter
You’ll be joining a seasoned team of high performing incident response consultants as part of our contract bench that are the tip of the spear for all forensic activity at modePUSH. With that, you’ll be eligible for picking up live response work and analysis to support breaches ranging from ransomware to nation-state threats at a schedule that makes sense for you. Your analysis expands our capacity to support clients at the highest level of quality.
What You'll Bring
- Experience responding to threat activity as an IR consultant or SOC analyst
- Strong understanding of Windows/Mac/Linux fundamentals, forensic artifacts, and network analysis
- Existing knowledge or passion to learn cloud-native investigations across AWS, GCP, and Azure
- An unwavering emphasis on investigation at the highest level of quality
- Perspective and voice to continue to shape our practice
- At least a few free hours a week on your schedule to take on IR work. We’re day-job friendly (as long as your employer is cool with it).
Compensation
$80 to $100 USD / billable hour based on skills and experience. Prorated full-time compensation of $160,000 to $200,000 USD.
Tags: AWS Azure Cloud DFIR Forensics GCP Incident response Linux Malware Okta SaaS SOC Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Security Operations Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Architect jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Information System Security Officer jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs