Cybersecurity Consultant
Lead or support cybersecurity incident response engagements involving ransomware, advanced persistent threats (APT), insider threats, phishing campaigns, malware infections, unauthorized access, cloud compromises, and other cyber incidents.
Responsibilities include:
- Perform incident triage and determine scope and severity.
- Identify attack vectors and affected assets.
- Collect and preserve forensic evidence.
- Perform root cause analysis.
- Coordinate containment activities.
- Support eradication of adversary presence.
- Restore systems to secure operational status.
- Develop incident timelines.
- Produce executive and technical incident reports.
- Recommend security improvements to prevent recurrence.
Cyber Hunt Operations
Conduct proactive threat hunting activities designed to identify adversaries before significant impact occurs.
Responsibilities include:
- Develop hunt hypotheses based on current intelligence.
- Analyze endpoint, network, cloud, identity, and application logs.
- Identify Indicators of Compromise (IOCs) and Indicators of Attack (IOAs).
- Detect persistence mechanisms.
- Identify lateral movement.
- Investigate privilege escalation.
- Hunt for known threat actor Tactics, Techniques, and Procedures (TTPs).
- Leverage MITRE ATT&CK methodologies.
- Produce actionable hunt findings.
Incident Handling & Event Management (IHEM)
Support enterprise Incident Handling and Event Management capabilities consistent with NIST guidance and industry best practices.
Responsibilities include:
- Monitor security events and alerts.
- Validate and declare security incidents.
- Perform event analysis and prioritization.
- Coordinate incident response activities.
- Conduct technical investigations.
- Execute containment procedures.
- Support remediation efforts.
- Validate recovery activities.
- Document lessons learned.
- Improve incident response processes.
Digital Forensics & Analysis
Support forensic investigations involving:
- Windows
- Linux
- Cloud environments
- Active Directory
- Microsoft 365
- Azure
- AWS
- Containers
- Virtual infrastructure
Experience with:
- Memory analysis
- Disk analysis
- Log analysis
- Timeline reconstruction
- Registry analysis
- Malware triage
Security Technologies
Consultants should have practical experience with one or more of the following:
- Splunk
- Microsoft Sentinel
- CrowdStrike Falcon
- Microsoft Defender
- Elastic
- QRadar
- Palo Alto Cortex
- Trellix
- Carbon Black
- Rapid7
- Tanium
- Tenable
- Qualys
- AWS Security Services
- Azure Security Center
- Microsoft Defender XDR
- EDR/XDR platforms
- Minimum 7 years of cybersecurity experience.
- Minimum 5 years supporting Incident Response or Security Operations Center (SOC) environments.
- Experience responding to live cybersecurity incidents.
- Experience performing enterprise threat hunting.
- Strong understanding of:
- NIST Cybersecurity Framework
- NIST SP 800-61 Computer Security Incident Handling Guide
- NIST SP 800-53
- MITRE ATT&CK Framework
- Cyber Kill Chain
- Zero Trust Architecture
- Experience analyzing:
- Windows Event Logs
- Sysmon
- Active Directory
- DNS
- Firewall logs
- Authentication logs
- EDR telemetry
- Cloud audit logs
- Excellent written and verbal communication skills.
- Ability to explain technical findings to executive leadership.
Desired Qualifications
One or more of the following certifications:
- CISSP
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Enterprise Defender (GCED)
- Certified Ethical Hacker (CEH)
- CompTIA CySA+
- CompTIA Security+
- Splunk Certified Architect
- Splunk Enterprise Security Certified Admin
- Microsoft Certified Security Operations Analyst (SC-200)
- Microsoft Cybersecurity Architect (SC-100)
- AWS Security Specialty
- Certified Cloud Security Professional (CCSP)
Preferred Experience
Experience supporting:
- Federal Civilian Agencies
- Department of Defense
- Intelligence Community
- Critical Infrastructure
- Healthcare
- Financial Services
- Energy Sector
Experience with:
- Continuous Diagnostics and Mitigation (CDM)
- Continuous Monitoring
- Threat Intelligence
- Insider Threat
- Vulnerability Management
- Malware Analysis
- Digital Forensics
- Cloud Incident Response
- Identity-based attacks
- Zero Trust implementations
Availability Requirements
Candidates must be able to:
- Respond to urgent requests within agreed Service Level Agreements (SLAs).
- Participate in after-hours, weekend, and holiday incident response activities.
- Support remote engagements nationwide.
- Participate in surge support during major cybersecurity incidents.
Key Competencies
- Incident Response Leadership
- Cyber Threat Hunting
- Digital Forensics
- Malware Investigation
- Log Analysis
- Enterprise Security Monitoring
- SIEM Operations
- Executive Communication
- Technical Documentation
- Problem Solving
- Crisis Management
- Team Collaboration
Deliverables
Consultants may be expected to produce:
- Incident Response Reports
- Executive Briefings
- Threat Hunt Reports
- Root Cause Analysis Reports
- Lessons Learned Documentation
- Indicators of Compromise (IOC) Reports
- Security Recommendations
- Recovery Validation Reports
- Remediation Plans
Position Pay Range
$150 - $150 USD
About Copper River & The Native Village of Eyak:
Owned by the Native Village of Eyak (NVE), a federally recognized Alaska Native Tribe, the Copper River Family of Companies are a collection of entities that deliver a complementary set of solutions and services to support the diverse missions and requirements of our clients. Proud participants of the Small Business Administration’s (SBA) 8(a) Business Development Program since 2006, our companies consist of both current and graduation SBA 8(a) entities. It is our collective purpose to support the Tribe and diversify the NVE’s ability to facilitate economic advancement.
The income generated from our companies helps the Native Village of Eyak fund health and social services, economic development, natural resource/environmental education, jobs, job training, and other benefits to the NVE in a manner that is consistent with Alaskan Native cultural values and traditions.
Copper River’s Culture
The Copper River Family of Companies has a positive, supportive, and thriving culture. At the foundation of our culture is a focus on collaboration. No matter your role or which operating company you work for, we are ONE TEAM working toward the same goals for our customers and for our collective owner- The Native Village of Eyak. How we treat each other is just as important as the work we deliver.
Benefits
- Comprehensive medical, dental, and vision coverage
- Flexible Spending Account - healthcare and dependent care
- Health Savings Account - high deductible medical plan
- Retirement 401(k) with employer match
- Open leave policy and paid holidays
- Additional benefits including tuition reimbursement, transportation expense account, employee assistance program, and more!
Note: These benefits are only applicable to full time, regular associates at Copper River.
Disclaimer:
The Copper River Family of Companies provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
Create a Job Alert
Interested in building your career at The Copper River Family of Companies? Get future opportunities sent straight to your email.
Apply for this job
*
indicates a required field
