Principal Consultant, Incident Response

Our Mission

At Palo Alto Networks everything starts and ends with our mission:

Being the cybersecurity partner of choice, protecting our digital way of life.

Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we're looking for innovators who are as committed to shaping the future of cybersecurity as we are.

Our Approach to Work

We lead with flexibility and choice in all of our people programs. We have disrupted the traditional view that all employees have the same needs and wants. We offer personalization and offer our employees the opportunity to choose what works best for them as often as possible - from your wellbeing support to your growth and development, and beyond

At Palo Alto Networks, we believe in the power of collaboration and value in-person interactions. This is why our employees generally work from the office three days per week, leaving two days for choice and flexibility to work where you feel most effective. This setup fosters casual conversations, problem-solving, and trusted relationships. While details may evolve, our goal is to create an environment where innovation thrives, with office-based teams coming together three days a week to collaborate and thrive, together

Your Career

As a Principal Consultant in Unit 42 the individual will be responsible for managing incident response engagements with our largest clients and in our most complex engagements. They will become the go-to expert for clients during high-priority incident response, remediation, and recovery phases, providing both strategic guidance and technical oversight, while also focusing on product integration. The role requires in-depth cybersecurity expertise to enable serving as an incident commander throughout the incident response lifecycle.

While actively involved in incident response service delivery, this person also works with peers and the executive team to enhance Unit 42's incident response practice, including developing and improving the technical and operating methodologies employed during incident response engagements.

We are seeking an individual who is dedicated to delivering highly technical consulting services to an exceptional standard, thrives in a fast paced team environment, and advocates for innovative approaches to deliver the best outcomes for our cross-sector clients.

Your Impact

• Lead the team delivering high-profile, high-stakes enterprise level incident response engagements
• Provide hands-on, expert-level incident response services to clients and deliver findings to CxO and/or Board of Directors
• Partner with the Unit 42 Directors, executive team and service line leaders to develop and execute strategy for the Unit 42 Digital Forensics & Incident Response (DFIR) practice, as well as continuously advance the maturity of our services
• Drive innovation in Unit 42's reactive offerings, by leading the consulting team and collaborating with cross-functional teams to bring new capabilities and services to market that leverage Palo Alto Networks products
• Ensure the consistency and quality of our services and highest level of customer service
• Integrate threat intelligence into our services by deepening the feedback loop with Unit 42 Threat Intelligence team and telemetry
• Recruit and onboard world class Incident Response talent to support our growth goals
• Support the professional growth and development of our consultants through training and technical enablement
• Foster and maintain a culture that attracts and retains smart, kind team members dedicated to executing with excellence
• Identify and execute strategies for service development, enablement, and process that result in the pull through of Palo Alto Networks products
• Cultivate and maintain relationships with key clientele to increase awareness of Unit 42's' capabilities and provide on-demand expertise for client needs
• Amplify Unit 42s' presence and credibility in the marketplace through thought leadership, including via speaking engagements, articles, whitepapers, and media exposure

Your Experience

• 7+ years of hands-on professional experience in incident response, with 3+ years experience in client-facing consulting roles
• Demonstrated prior experience and success in leading multi-site, large scale incident response engagements, including scoping work, managing incident response engagements end-to-end and providing guidance on tactical and longer term remediation recommendations
• Experience in managing, leading and motivating consultants at all levels
• Experience as a team leader including overseeing other senior, and mid-level analyst/consultant teams
• Ability to travel as needed to meet business demands
• Able to split your time across commercial support, client delivery, team coaching, and technical expertise and skills maintenance activities
• Strong presentation, communication, and presentation skills with verifiable industry experience communicating at CxO and/or Board of Directors level
• Expert level of knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance
• Deep technical experience and operational understanding of major operating systems (Microsoft Windows, Linux, or Mac) and/or proficiency in host based forensics, network forensics and cloud incident response
• Endpoint Detection and Response (EDR), threat hunting, log analysis,and triage forensics
• Collection and analysis of host and cloud based forensic data at scale
• Client services mindset and top-notch client management skills
• Experienced-based understanding of clients' needs and desired outcomes in incident response investigations
• Demonstrated writing ability, including technical reports, business communication, and thought leadership pieces
• Operates with a hands-on approach to service delivery with a bias towards collaboration and teamwork
• Track record of championing innovation and improvement initiatives for your area of expertise, identifying emerging trends and technologies and developing leading solutions to address client needs
• Be a valuable contributor to the practice and, specifically
  • develop an external presence via public speaking, conferences, and/or publications
  • have credibility, executive presence, and gravitas
  • be able to have a meaningful and rapid delivery contribution
  • have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
  • be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
• Bachelor's Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience or equivalent relevant experience or equivalent military experience to meet job requirements and expectations
• Professional industry certifications such as
  • GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Incident Handler (GCIH)

Desired but not essential

• Operational Technology (OT) incident response experience
• Ability to assist in a broad range of cyber security consulting engagements such as digital forensics and incident response (DFIR), security operations (SOC) assessments, table top exercises (TTX), and/or compromise assessments
• Professional industry certifications such as
  • GIAC Defensible Security Architect (GDSA), GIAC Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON)
  • Offensive Security Certified Expert (OSCE), Offensive Security Certified Professional (OSCP), CREST Registered Tester (CREST CRT), GIAC Penetration Tester (GPEN)
  • CISSP, CISM
• Understanding of cyber risk frameworks or industry standards such NIST CSF and 800-53, ISO 27001/2, PCI, CIS Top 20, CMMC
• Public speaking experience at prestigious industry events
• (In addition to exceptional English communications skills) business level proficiency in one or more languages spoken across JAPAC

The Team

Unit 42 Consulting is Palo Alto Network's security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders with deep technical expertise and experience in investigations, data breach response, digital forensics, and information security. With a highly successful track record of delivering mission-critical cybersecurity solutions, we are experienced in working quickly to provide an effective incident response, attack readiness, and remediation plans with a focus on providing long-term support to improve our clients' security posture.

Our Commitment

We're trailblazers that dream big, take risks, and challenge cybersecurity's status quo. It's simple: we can't accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at .

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.