Surefire Cyber
Principal Engagement Lead (Remote)
Job Summary
The role involves leading multiple cybersecurity engagements focused on digital forensics and incident response, working closely with clients, legal counsel, and insurers to ensure effective incident management from detection to recovery. The candidate should have experience in managing active cybersecurity incidents, conducting forensic investigations in Linux and Windows environments, and understanding cloud security platforms such as AWS, Azure, and GCP. Strong communication skills and the ability to build client relationships are essential, along with a willingness to participate in after-hours support. The position emphasizes continuous learning and collaboration within a client-focused consulting environment designed to enhance cyber resilience.
Required Skills
Benefits
Job Description
About Surefire Cyber
Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event.
Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-toshoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency
Location: Remote, USA
Role: Full time / Exempt
Compensation: $130k-$165K
What Makes You Stand Out
You are a seasoned cybersecurity professional with a strong background in digital forensics and incident response (DFIR), and incident management. You thrive in a dynamic and client-focused consulting environment, where you can tackle complex cybersecurity challenges. You are skilled at mitigating risks and making well-informed decisions, even in high-pressure scenarios.
You have a demonstrated ability to manage multiple cybersecurity incidents effectively. Your experience includes coordinating incident response efforts, working with cross-functional teams, and external stakeholders including insurance carriers and legal counsel. You strive to consistently deliver quality based client results and ensure a timely resolution while minimizing downtime.
How You'll Make An Impact
As a Principal Engagement Lead, you will be responsible for leading multiple active cybersecurity engagements, interacting with clients, cyber insurers, and legal counsel. Your expertise will guide scoping calls, and you will collaborate closely with other Engagement Leads and Forensic Consultants on our team to ensure high quality service and resolution on active client matters.
Your Role In Action
- Lead and oversee active client-facing incident response engagements, working closely with other team members to guide clients through the entire incident response lifecycle from detection to recovery.
- Conduct scoping calls with clients to define the incident scope, objectives, and expectations of each engagement.
- Work closely with other Engagement Leads and Forensic Consultants to ensure effective coordination of resources and expertise on client matters.
- Build and cultivate strong client relationships based on trust, open communication, and collaborative problem-solving.
- Provide well-informed solutions that go beyond immediate client challenges to achieve long-term security goals.
- Communicate advanced cybersecurity concepts both internally and externally and produce clear and concise verbal and written reports detailing incident findings, and analysis.
- Actively knowledge share with team members cultivating a culture of continuous learning, and stay up to date on industry trends, emerging threats, and best practices.
- Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.
Your Expertise
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, related degree, or relevant professional work experience in these disciplines.
- Former professional experience in leading and managing active cybersecurity engagements, including incident response, digital forensics investigations, and interaction with clients, legal counsel, and cyber insurers.
- Experience in conducting security investigations in Linux and Windows environments.
- Understanding of cloud platforms and security considerations within AWS, Azure, and GCP.
- Knowledge of digital forensic artifacts and tools such as ELK, Axiom, Encase, FTK, Volatility, or Open-Source tools.
- Proficiency in conducting forensic analysis, threat assessments, and post incident reviews.
- Eagerness to learn from team, grow your knowledge, and teach your colleagues.
- Ability to provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.
Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience. We at Surefire Cyber invite you to apply even if you do not feel you have mastery in all the requirements listed on the job description and welcome a further discussion.
Interview Process
- Submit interest and application to on our website
- Preliminary phone interview with the the Talent & People Team (approx., 30 minutes)
- Virtual/Teams interview with Engagement Leads (approx., 60 minutes)
- Virtual/Teams interview with DFIR Consultants (approx., 60 minutes)
- Virtual/Teams interview with Chief Delivery Officer (approx., 45 minutes)
- Mock Scenario Interview (approx., 60 minutes)
- Virtual/Teams interview with CEO (Chief Executive Officer) (approx., 30 minutes)
Please note that we reserve the right to modify the process at any time.
#LI-Remote
Benefits of Joining Surefire Cyber
- Competitive compensation plan and total rewards package for team members
- Remote workforce
- Generous paid time off plan and floating holidays
- Paid parental leave
- Employer paid premiums for both team members and their dependents for medical, dental, and vision
- Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits.
- Professional development and career advancement opportunities
- We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.
Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.
Surefire Cyber
Surefire Cyber delivers a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.