The Judge GroupRemote
Security Engineer (Incident Response)
United States
Contract
2 hours ago
H1B Sponsor Likely
Key skills
Incident ResponseSIEM platformsEDR platformsCybersecurity trainingTabletop ExercisesMemory forensicsMalware analysisThreat intelligenceConsulting experienceCrisis management communicationCustomer-facing skillsBachelor’s degreeIndustry certificationsAdvanced DFIR certificationsSplunkLeadershipCommunication
About this role
The Judge Group is seeking an experienced Incident Response Consultant to lead high-impact investigations and deliver proactive security services to enterprise customers. In this role, you will guide clients through complex security incidents and collaborate on strategic improvements to strengthen overall security posture.
Responsibilities:
- Lead end‑to‑end incident response engagements, assigning workstreams, directing analysis, and ensuring clear, consistent communication with customers
- Perform detailed investigation and threat analysis, documenting evidence, IOCs, and findings to expand internal knowledge bases and repeatable workflows
- Deliver both standard and customized proactive security services, using data‑driven insights to align recommendations with customer operational needs
- Partner with cross‑functional teams to design and refine proactive security offerings, service models, and customer engagement frameworks
Requirements:
- Proven consulting experience with strong customer‑facing skills; able to set expectations, manage escalations, and drive accountability throughout incident response
- Exceptional crisis‑management communication skills; able to translate complex technical findings into clear guidance for both technical and non‑technical stakeholders during active incidents
- Hands‑on experience with SIEM and EDR platforms, specifically Splunk and CrowdStrike, for threat hunting, investigation, and incident analysis
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related technical field
- Experience designing, leading, or facilitating Tabletop Exercises (TTX) to evaluate and mature client incident readiness
- Background in delivering cybersecurity training, workshops, or technical instruction to audiences ranging from SOC analysts to executive leadership
- Advanced incident response capabilities, including memory forensics, malware analysis, and APT lateral movement investigation
- Ability to convert threat intelligence into high‑value, strategic security recommendations to support long‑term resilience
- Industry certifications from recognized organizations (e.g., SANS GIAC, ISC2 CISSP, EC‑Council) preferred
- Advanced DFIR certifications such as GCIH, GCFA, GCFE strongly encouraged