Principal Consultant, Cyber Advisory

About Surefire Cyber

Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event.

Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to­shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency

Job Title: Principal Consultant, Cybersecurity Advisory 

Location:  Remote (Within a 50-mile radius of Columbia, MD) 

Role: Full time 

Compensation: $125K-$160K 

About Surefire Cyber 

Surefire Cyber delivers swift, strong responses to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities. We provide clients confidence by helping them prepare, respond, and recover from cyber incidents—and to fortify their cyber resilience after an incident. 

About You 

As a Principal Consultant you are a highly motivated cybersecurity professional with extensive domain knowledge and experience in Cybersecurity Advisory services. Your expertise encompasses enterprise IT architecture, enterprise risk management, cybersecurity assessments, SOC operations, incident response, computer forensics and security training services. Thriving in fast-paced start-up environments, you are driven by the opportunity to make a tangible impact on clients to boost their cybersecurity posture and mitigate potential risk factors.  

 Your deep understanding of the current IT and ICS threat landscape, coupled with your client-facing experience drives your passion for continuous improvement of client cybersecurity controls. With excellent communication and relationship management skills, you stay at the forefront of emerging cybersecurity trends enabling you to provide well-informed cybersecurity advisory services to clients in the ever-evolving cybersecurity landscape.  

Job Description 

Surefire Cyber is actively seeking a Principal Consultant for our Cybersecurity Advisory Group. This is a full-time position on our team that does require approx. 40% domestic travel, and there is a preference for the selected candidate to be located within a 50-mile radius of Columbia, MD for occasional in person team meetings and collaboration sessions. Surefire Cyber offers a flexible remote working arrangement that fosters a team-first culture, a competitive salary, equity in the company, and excellent benefits.  

In this role, you will serve as a trusted technical and consulting resource on behalf of Surefire Cyber for clients across various industries. Leveraging extensive expertise, the Principal Consultant will provide comprehensive cybersecurity solutions and services, guiding clients through the challenges of cloud security, Privileged Access Management (PAM), Identity and Access Management (IAM), and more. Whether clients are preparing for or recovering from cyber incidents, the Principal Consultant’s knowledge and skills will play a crucial role in advising Surefire Cyber clients in their journey to enhanced cybersecurity.   

You will lead both remote and onsite client engagements, taking a proactive approach to incident response services. You will work collaboratively with cross-functional internal team members and our partners to support our clients in their preparation for and recovery from cybersecurity incidents, enabling them to develop resilience in the face of future challenges.  

High Level Responsibilities 

• Demonstrate a relentless commitment to learning and sharing ideas, fostering an environment of continuous improvement.  
• Cultivate strong professional relationships and communicate effectively with clients, providing expert guidance and assistance in strengthening their cybersecurity maturity and security posture.  
• Proactively share insights and deliver well-researched recommendations, considering budgetary and resource constraints, to enhance clients’ cybersecurity posture and strengthen their resilience strategy.  

Core Responsibilities 

• Work closely with the Director, Cybersecurity Advisory Group to lead, plan, develop and deliver Incident Response Table-Top Exercises.  
• Actively participate in scheduling, planning and documenting client engagements. 
• Conduct comprehensive reviews of client Incident Response Plans (IRP), Incident Response Playbooks, Business Impact Analysis (BIA), Disaster Recovery Plans (DRP) and Business Continuity Plans (BCP), identifying areas for improvement. 
• Deliver Cybersecurity Improvement Plans and regularly conduct Cybersecurity Assessments.
• Perform on-site forensic collection of laptops, desktops, servers, cell phones and lab equipment.   
• Skillfully articulate and provide verbal and written analysis of cybersecurity concepts and processes, catering to both technical and non-technical audiences.
• Contribute to Cybersecurity Advisory Group process development, enhancement, and maintenance of documentation.  
• Collaborate seamlessly with internal stakeholders including the Digital Forensics and Incident Response consulting services, IT, Marketing, and Cyber Solutions teams to deliver first-class resilience management solutions to clients.  

  Requirements 

• Demonstrated practical work experience or comprehensive training in enterprise IT operations, enterprise IT architecture, security assessments or audits.  
• Computer forensics experience, advanced training in computer forensics or Research Integrity sequestration experience forensics training is a plus. Should be at least minimally functional in a Microsoft Windows, Linux, Apple OSX, Apple IOS and Android environment. 
• Experience or training in incident response, computer forensics, cybersecurity assessment or audits, or risk management planning. 
• Profound knowledge of enterprise IT, cybersecurity frameworks, risk management processes, and common threat actor Tactics, Techniques and Procedures (TTP).
• Exceptional writing skills, capable of drafting security assessment reports, incident reports, and training materials. 
• Eagerness to invest in the growth and development of the Surefire Cyber team, through knowledge sharing, and continuous learning opportunities.  
• Provide after-hours support and availability to travel as needed (some weekend travel is involved). 

Interview Process 

• Submit interest and resume to careers@surefirecyber.com 
• Preliminary phone interview with the Chief People Officer (approx., half an hour)
• Virtual/Teams interview with hiring leader/Chief Operating Officer (COO) and Director, Cyber Advisory Services, (approx., 45 minutes) 

Benefits of Joining Surefire Cyber 

• Competitive pay and equity for all employees. 
• Remote work options. 
• Flexible PTO, holiday, and paid parental leave for all employees.
• Comprehensive health, vision, dental, 401K matching program, disability, FSA, HSA, Life and AD&D benefits. 

Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.