
Senior Cloud Security Consultant - Incident Response Team - Remote, US

Yoh, A Day & Zimmermann Company Boston, MA

  • Expired: April 19, 2021. Applications are no longer accepted.

Remote role

The Incident Response Cloud Consultant role is a senior-level position working with customers in the growing area of Incident Response in the Cloud, including Amazon Web Services (AWS), Microsoft Azure (including O365), and Google Cloud Platform (GCP). This work involves the following overarching duties:

  • Leading augmentation of Secureworks Incident Response Team's Cloud capabilities and skillsets
  • Helping customers prepare to effectively handle security incidents in the Cloud
  • Performing Incident Response and helping customers effectively respond to incidents in the Cloud

Augmenting COMPANY's Incident Response Team's Cloud capabilities includes leading efforts on researching and building best practice documentation and methodologies for both securing the Cloud and responding to security incidents, developing effective and efficient processes and procedures for performing response, and building (or identifying existing) tools to automate response processes across a variety of Cloud environments, including AWS, Azure (including Microsoft 365), and GCP.

Helping customers prepare for security incidents in the Cloud includes developing Incident Response plans and playbooks, delivering Cloud-centric training, and conducting exercises to test response plans for incidents in the Cloud.

Responding to incidents in the Cloud includes helping customers manage both the technical and non-technical aspects of complex, large-scale incidents occurring within their Cloud environments, conducting detailed forensic analysis to help customers identify the initial infection vector, scope, magnitude, and various other critical aspects of a security incident, developing timelines of malicious activity, and delivering remediation recommendations and recovery plans tailored to customers' Cloud operations.

Role Responsibilities

  • Serve as Subject Matter Expert in Incident Response and Digital Forensics in the Cloud
  • Perform complex Incident Response and forensic analysis and develop technical conclusions based on analysis of evidence
  • Review technical analysis and conclusions of other consultants
  • Document findings, develop Incident Response remediation recommendations, and present both orally and in written reports for customers
  • Conduct assessments of customer readiness to respond to incidents in the Cloud, including designing and delivering Incident Response exercises to test customer Incident Response plans
  • Review security and Incident Response assessments of other consultants
  • Develop detailed Incident Response plans and playbooks based on customer needs for Cloud environments
  • Design and deliver Incident Response exercises to test customer Incident Response plans
  • Oversee the delivery of Incident Response exercises by other consultants
  • Support Junior through Senior staff on Cloud security and Incident Response best practices, processes, and tooling
  • Experience leading multiple major work efforts involving research, development, training, and mentoring
  • Desire and aptitude to work with both customers and internal teams to solve complex security issues, often amidst times of crisis
  • Strong technical communication skills (oral and written) including experience briefing senior-level leadership and conveying technical subject matter to audiences of varying backgrounds and skill levels
  • Strong understanding of vulnerabilities within the Cloud along with the tools used to discover, analyze, and exploit such vulnerabilities


  • Minimum of 5 years of experience as a Cloud Security Consultant with one of the following hosting platforms: AWS, Azure or Google Cloud Platform
  • Minimum of 4 years of experience performing complex, large-scale security monitoring and response as well as host-based and network-based digital forensics
  • In-depth experience researching, using, building, and/or augmenting Cloud-based Open Source Security (OSS) tools utilized for security monitoring and response
  • Experience coding and developing tailored security monitoring and/or Incident Response tooling in current languages such as Python and Go
  • Experience understanding, utilizing, and transforming common data formats such as JSON, YAML, and CSV

Preferred Skills


  • Experience with automation systems
  • One or more of the following certifications: GCFA, GCFE, GNFA, or similar (targeted experience for this role may be considered in lieu of these)
  • Experience analyzing and/or reverse engineering malware
  • Understanding of key cybersecurity frameworks relevant to cyber incident response and cyber threat hunting: MITRE ATT&CK, CIS Controls, NIST CSF, NIST 800-53
  • Undergraduate degree in computer science, information systems, information assurance, cybersecurity, or equivalent work experience


Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Visit to contact us if you are an individual with a disability and require accommodation in the application process.
