Cybersecurity - Incident Response Consultant

Quarry Consulting

Canada
Posted on Jul 30, 2025

Title: Incident Response Consultant

Location: Canada

Duration: TBD

Description

The Incident Response Consultant's responsibilities may include, but are not limited to:

  • Lead or assist in analyzing cybersecurity incidents for clients across various industries, including ransomware, phishing, insider threats, and unauthorized access.
  • Use forensic and threat intelligence tools (e.g., SIEM, EDR, logs, malware sandboxes) to identify indicators of compromise (IOCs), root cause, and attack vectors.
  • Perform host, network, and cloud-based investigations to assess scope and impact.
  • Guide clients through incident containment, mitigation, and recovery in high-pressure environments.
  • Develop and execute tailored response strategies based on threat type, client environment, and regulatory landscape.
  • Coordinate technical response efforts with internal client teams, third parties, and law enforcement if applicable.
  • Deliver detailed incident reports, executive summaries, and remediation recommendations post-incident.
  • Maintain clear documentation of all investigative actions, findings, and decisions for audit, legal, and compliance purposes.
  • Contribute to post-incident reviews and continuous improvement cycles.
  • Advise clients on improving incident response maturity through playbooks, IR plans, tabletop exercises, and runbooks.
  • Support readiness assessments, risk reviews, and maturity gap analysis engagements.
  • Deliver client workshops, tabletop simulations, and awareness sessions to improve organizational cyber resilience.
  • Recommend and help implement incident detection and response technologies (e.g., EDR, SOAR, threat intel platforms).
  • Customize or develop scripts and tools to accelerate and standardize investigation workflows.
  • Stay current on evolving threat landscapes to proactively adjust methodologies and detection capabilities.
  • Serve as a trusted advisor during and after incidents, translating technical findings into clear, business-relevant language.
  • Communicate effectively with CISOs, legal teams, board members, and other non-technical stakeholders.
  • Build strong client relationships through professional, responsive, and solutions-oriented engagement.
  • Perform advanced forensic imaging and analysis (disk, memory, cloud).
  • Support breach notification processes and regulatory filings (e.g., GDPR, CCPA, HIPAA).