Manage and lead incident response engagements, including scoping work, guiding clients through forensic investigations, and containing security incidents.
Perform reactive incident response and host-based analysis on Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs).
Examine firewall, web, database, and other log sources to identify evidence of malicious activity and attack vectors.
Investigate data breaches using forensic tools like EnCase, FTK, X-Ways, SIFT, and Splunk to determine the source and scope of compromises.
Provide clients with clear, actionable recommendations for long-term remediation and security posture improvement.
Collaborate with internal teams and external stakeholders to ensure alignment and deliver comprehensive solutions.