[Remote] Cyber DFIR Lead Consultant

Note: The job is a remote job and is open to candidates in USA. PNG Cyber, LLC is seeking a DFIR Lead Consultant to provide senior-level technical expertise in digital forensics and incident response while managing complex case lifecycles. The role involves leading investigations into various cyber incidents and acting as the primary client liaison.

Responsibilities
• Serve as the primary point of contact for clients, legal counsel, and other stakeholders throughout the entire case lifecycle—from intake and scoping to final reporting and closure
• Conduct detailed scoping calls, accurately gather case requirements, and develop precise Statements of Work (SOWs)
• Oversee and manage multiple simultaneous engagements; ensure projects stay on track, on time, and within scope
• Direct and mentor a team of analysts and consultants, providing quality control for all technical work products and deliverables
• Independently conduct forensic analysis using tools like Axiom, X-Ways, Splunk, and other open-source & commercial IR tools to lead investigations into ransomware, BECs, and other cyber incidents
• Communicate and negotiate with threat actors during active ransomware incidents
• Communicate complex technical findings clearly and concisely—both verbally and in writing—to technical and non-technical audiences, including on-camera client briefings
• Draft, review, and deliver professional, client-ready reports with meticulous attention to accuracy, clarity, and quality
• Contribute to the development and implementation of modern forensic techniques, tools, and internal best practices
• Maintain high availability and responsiveness during active engagements, including working non-traditional hours when necessary
• Drive ongoing team development through training, mentorship, and knowledge sharing

Skills
• Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Security, Digital Forensics, or a related field
• 5+ years of proven experience leading digital forensics and incident response engagements, including direct client interaction and case management
• Deep knowledge of incident response, digital forensics methodologies, ransomware investigations, BEC cases, and threat actor tactics
• Strong customer-service orientation with the ability to translate technical details into clear, actionable information for clients and counsel
• Demonstrated ability to manage teams, set priorities, and maintain quality control across multiple high-stakes engagements
• Excellent verbal and written communication skills; proven record of drafting and reviewing professional technical reports
• Must have a working knowledge of tools used to collect, triage, and analyze evidence, and to secure and monitor client environments — including EDR solutions such as SentinelOne, Huntress, Sophos, CrowdStrike Falcon, and similar platforms
• Flexible and adaptable with the ability to work extended hours as needed during critical incidents. Highly self-motivated problem solver who thrives in dynamic, fast-paced environments
• Professional certifications such as GCFE, GCFA, GCIH, GNFA, GREM, CISSP, or other relevant industry certifications strongly preferred
• Experience with scripting and programming languages such as C#, Go, Rust, Python, PowerShell, and Bash preferred
• Experience with multiple operating systems such as: Windows, Linux, MacOS, and Unix

Company Overview
• Providing Global End-to-End Cyber Services for Incident Response, Recovery & Restoration, Cyber Risk and MSSP. It was founded in 2021, and is headquartered in Sugar Land, TX, US, with a workforce of 11-50 employees. Its website is https://www.png-cyber.com/.

Apply tot his job

Apply To this Job

Ready to Apply?

Don't miss out on this amazing opportunity!