Consultant - Enterprise Incident Management | Remote, USA

Consultant - Enterprise Incident Management | Remote, USA

Apply locations: Fort Worth, Texas | Full time | Posted 3 Days Ago | Job requisition id: 2025-12669

This position will be fully remote and can be hired anywhere in the US.

An Enterprise Incident Management (EIM) Consultant is a highly skilled incident responder capable of performing complex investigations while maintaining a business focus and meeting client requirements. This position will work both independently and as part of a team to perform digital investigations including: Zero Day Exploitation, Business Email Compromise, Unauthorized Access, Sensitive Data Exposure, Insider Threat, Malware Analysis, and Threat Hunting. An EIM Consultant also contributes to the development and continuous improvement of the EIM practice through various team and industry contributions.

• Ability to combine multiple separate findings to identify complex attacks and incidents
• Ability to manually collect relevant data sources during an incident
• Ability to identify, describe, and report threat vectors and forensic artifacts
• Proficiency with commercial and open-source security tools required (EnCase, FTK, XWays, Splunk, ELK, EZ Tools, etc.)
• Familiarity with different network architectures, network services, system types, network devices, development platforms, and software suites required (Linux, Windows, Cisco, Oracle, Active Directory, JBoss, .NET, etc.)
• Familiarity with Endpoint Detection and Response (EDR) products, such as SentinelOne, Carbon Black, CrowdStrike, etc.
• Passion for creating tools and automation to make tasks more efficient (preferred)
• Knowledge of programming and scripting for developing security tools (preferred)
• Ability to create comprehensive incident reports
• Ability to work well with customers and self-manage through difficult situations, focusing on client satisfaction
• Ability to convey complex technical security concepts to both technical and non-technical audiences, including executives
• Ability to work independently and in teams
• Willingness to collaborate and share knowledge with team members
• Proven ability to review and revise reports written by peers
• Effective time management skills, ability to balance multiple projects, and handle large, complex projects with minimal supervision

• Bachelor's degree and approximately 2-5 years of related work experience
• Approximately 2-5 years of technical architecture experience
• Prior experience in Incident Response, including Containment, Forensics, Root Cause Analysis, and Remediation for enterprise organizations
• Ability to travel 25-40% to client sites
• Willingness to respond onsite in a 24/7/365 environment, including evenings, overnights, and weekends/holidays
• Preferred certifications: GIAC GCFE, GCIH, ECIH, CCFE

• Commitment to Diversity, Equality, and Inclusion
• Work/life balance
• Professional training resources
• Opportunity to tackle complex, unique projects
• Volunteer opportunities through “Optiv Chips In”
• Remote work technology and support

Optiv is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age, marital status, genetic information, national origin, disability, military or veteran status, or other protected categories.

We respect your privacy. By applying, you consent to the collection, use, and processing of your personal information as detailed in our Applicant Privacy Notice. You may unsubscribe from job notifications at any time.

We work alongside clients to manage cyber risk and enable business progress through our expertise and solutions. Our diverse teams and deep industry experience allow us to face any challenge confidently. We focus on designing and implementing agile, risk-aware solutions to secure and fortify your business now and in the future.

At Optiv, we manage cyber risk so you can secure your full potential.