Senior Consultant (Incident Response)

Who We Are

If you feel like Incident Response and Recovery hasn’t changed in the past 10 years, you’re not alone. Business operations aren’t just on endpoints anymore. It’s behind applications in Okta tiles, auto-scaling workloads, code repos, and sprawling data stores across one or many public clouds. At modePUSH, we’re focused on eradicating adversaries across our client’s entire digital footprint, and that demands a faster, nimbler approach to DFIR.

We’re looking to expand our IR Consulting Team with individuals driven to protect clients, eliminate threat actors, and build the next era of digital forensics and incident response for the modern enterprise.

Who You Are

You know that $I30 isn’t referring to your local interstate, and that the easiest way to get on your bad side is to be handed a timestamp that isn’t in UTC. You’ve got a “Tools” folder sitting on your workstation somewhere with your favorite forensic scripts at the ready to tear into the next piece of suspicious activity you see. And speaking of suspicious activity, you’ve honed a keen sense for knowing the difference between legitimate users and threat actor activity because you’ve seen them in action.
Hundreds of times.

Windows environment investigations feel like the back of your hand at this point, and you’ve been starting to expand your knowledge on cloud-native forensics. Account takeovers are the new malware after all, and investigating the latest threats across Azure, GCP, AWS, and SaaS Apps is the growing frontier you’ve been looking to sink your teeth into.

Client conversations don’t scare you. You understand what it looks like to support a client team that’s going through their worst professional days with confidence and empathy.

You’re insatiably curious, addicted to threat intel, and a builder at heart. Ultimately, you’re looking for the right opportunity that uses your technical chops to find and eliminate meaningful adversaries while putting your stamp on a better approach to traditional DFIR consulting.

Why You Matter

You’ll be joining a seasoned team of high performing incident response consultants that are the tip of the spear for all forensic activity at modePUSH. From ransomware to nation-state threats, you’ll be supporting and leading meaningful cases across traditional enterprise and cloud-native environments. We’re a startup in the truest sense, and your voice has significant weight in shaping our technology stack, investigative methodology, and service offerings as we continue to scale.

What You'll Bring

• Experience responding to threat activity as an IR consultant or SOC analyst
• Strong understanding of Windows/Mac/Linux fundamentals, forensic artifacts, and network analysis
• Existing knowledge or passion to learn cloud-native investigations across AWS, GCP, and Azure
• An unwavering emphasis on investigation at the highest level of quality
• Perspective and voice to continue to shape our practice